CVE-2026-6665

A flaw was found in PgBouncer, a lightweight connection pooler for PostgreSQL. A malicious backend server can exploit a vulnerability in the Salted Challenge Response Authentication Mechanism SCRAM code. By sending a specially crafted server-final-message with an excessively long nonce, the flaw...

BIT-PGBOUNCER-2026-6665 PgBouncer buffer overflow in SCRAM

The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow...

CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

EUVD-2026-29387

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

SUSE CVE-2026-43346

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF which doesn't own the source timer. In that case the PTP controlling PF adapter-ctrlpf is never...

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in the NGAP Message Handler component. An attacker can cause memory corruption by sending specially crafted NGAP messages remotely with low privileges. Remediation Upgrade github.com/omec-project/amf/util to version 2.2.0 ...

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in the NGAP Message Handler component. An attacker can cause memory corruption by sending specially crafted NGAP messages remotely with low privileges. Remediation Upgrade github.com/omec-project/amf/metrics to version 2.2...

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in the NGAP Message Handler component. An attacker can cause memory corruption by sending specially crafted NGAP messages remotely with low privileges. Remediation Upgrade github.com/omec-project/amf/ngap to version 2.2.0 ...

CVE-2026-8349

A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...

KB5089548: Windows 11 Version 26H1 Security Update (May 2026)

The remote Windows host is missing security update 5089548. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Heap-based buffer overflow in Windows Win32K -...

PT-2026-40100

Zulip is an open-source team collaboration tool. Prior to 12.0, With message edit history visibility policy set to "moves", /api/v1/messages/id/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This...

PT-2026-40145

Name of the Vulnerable Software and Affected Versions Windows Message Queuing affected versions not specified Description A double free issue in Windows Message Queuing allows an authorized attacker to elevate privileges locally. A double free occurs when a program attempts to free the same memor...

KB5087538: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2026)

The remote Windows host is missing security update 5087538. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

Microsoft Windows SMB Client 资源管理错误漏洞

Microsoft Windows SMB Client is a software application developed by Microsoft Corporation. It is a SMB client. The Microsoft Windows SMB Client has a resource management vulnerability that can be exploited by attackers to gain elevated privileges. The following products and versions are affected:...

Zulip 访问控制错误漏洞

Zulip is a powerful open-source chat application developed by the US company Zulip. It combines the immediacy of real-time conversations with the productivity benefits of threaded dialogue. Prior to Zulip 12.0, there was an access control vulnerability. This vulnerability occurred when...

Microsoft Message Queuing 资源管理错误漏洞

Microsoft Message Queuing is a solution developed by Microsoft for implementing high-performance asynchronous and synchronous scenarios. There is a resource management vulnerability in Microsoft Message Queuing. The following products and versions are affected: Windows 11 Version 24H2 for...

Microsoft Message Queuing 安全漏洞

Microsoft Message Queuing is a solution developed by Microsoft for implementing high-performance asynchronous and synchronous scenarios. There are security vulnerabilities associated with Microsoft Message Queuing. The following products and versions are affected: Windows 10 Version 1809 for 32-b...

ip-address 跨站脚本漏洞

ip-address is a JavaScript library developed by Beau Gunderson, designed for verifying and manipulating IPv4 and IPv6 addresses. Versions prior to 10.1.1 of ip-address had a cross-site scripting vulnerability. This vulnerability stemmed from the Address6.group and Address6.link methods not proper...

PT-2026-40149

Name of the Vulnerable Software and Affected Versions Windows Message Queuing affected versions not specified Description A heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker located on an adjacent network to execute arbitrary code. A heap-based buffer overflow...

KB5087471: Windows Server 2012 R2 Security Update (May 2026)

The remote Windows host is missing security update 5087471. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...