6284 matches found

CVE
added 2026/02/25 3:12 p.m. | 9 views

CVE-2026-3206

The CVE-2026-3206 entry details an Improper Resource Shutdown or Release vulnerability in KrakenD products. Affected: KrakenD-CE (CircuitBreaker modules) prior to 2.13.1; KrakenD-EE (CircuitBreaker modules) prior to 2.12.5. Impact and exploit details are not fully provided beyond the vulnerabilit...

5.3 CVSS | 5.4 AI score | 0.00063 EPSS
Exploits: 0 | References: 2
Oracle linux
added 2026/02/25 12:0 a.m. | 8 views

python-pyasn1 security update

0.6.2-1 - Update to 0.6.2 - Update modules to 0.4.2 Resolves: RHEL-148142...

7.5 CVSS | 5.5 AI score | 0.00032 EPSS
Exploits: 0
Packet Storm
added 2026/02/23 12:0 a.m. | 130 views

📄 sudo 1.9.17 chroot Privilege Escalation

This Metasploit module exploits CVE-2025-32463, a local privilege escalation vulnerability in Sudo's chroot functionality. The vulnerability allows attackers to load malicious NSS (Name Service Switch) modules from within a chroot environment, leading to arbitrary code execution as root...

9.3 CVSS | 6.4 AI score | 0.57345 EPSS
Exploits: 69
NVD
added 2026/02/21 7:16 a.m. | 6 views

CVE-2026-27452

ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER). In versions 11.0.5 and below, in some cases, decoding an INTEGER could leak the underlying ArrayBuffer. This issue is expected to be fixed in version 11.0.6...

9.2 CVSS | 0.00043 EPSS
Exploits: 0 | References: 1
GithubExploit
added 2026/02/21 6:1 a.m. | 151 views

Redteam-Automation

🔴 AI-Driven Red Team Simulation Framework A production-ready...

6 AI score
Exploits: 0
RedhatCVE
added 2026/02/21 1:28 a.m. | 3 views

CVE-2026-26974

Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or required. All projects...

9.8 CVSS | 5.9 AI score | 0.00034 EPSS
Exploits: 0 | References: 1
SUSE CVE
added 2026/02/21 12:25 a.m. | 2 views

SUSE CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftp_file modules, erlang otp inets tftp_file modules, erlang otp tftp tftp_file modules allows Relative Path Traversal. This vulnerability is associated with program files...

8.1 CVSS | 5.8 AI score | 0.00039 EPSS
Exploits: 0 | References: 6
Github Security Blog
added 2026/02/20 6:24 p.m. | 8 views

Fickling has a detection bypass via stdlib network-protocol constructors

Our assessment: smtplib, imaplib, ftplib, poplib, telnetlib, and nntplib were added to the list of unsafe imports (https://github.com/trailofbits/fickling/commit/6d20564d23acf14b42ec883908aed159be7b9ade). The UnusedVariables heuristic works as expected. Original report: Summary: Fickling's check_safety...

5.8 AI score
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/02/20 11:15 a.m. | 0 views

UBUNTU-CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftp_file modules, erlang otp inets tftp_file modules, erlang otp tftp tftp_file modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3 CVSS | 5.8 AI score | 0.00039 EPSS
Exploits: 0 | References: 5
OSV
added 2026/02/20 12:34 a.m. | 5 views

CVE-2026-26974 Sylde has Improper Control of Generation of Code

Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or required. All projects...

7.6 CVSS | 6 AI score | 0.00034 EPSS
Exploits: 0 | References: 5
CVE
added 2026/02/20 12:34 a.m. | 8 views

CVE-2026-26974

CVE-2026-26974 (Slyde) affects Slyde versions 0.0.4 and earlier. The root cause is Node.js automatically importing any /**.plugin.{js,mjs} files, including those from node_modules, enabling a malicious package with a .plugin.js file to execute arbitrary code when installed or required. Impact is ...

9.8 CVSS | 6 AI score | 0.00034 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2026/02/20 12:34 a.m. | 22 views

CVE-2026-26974 Sylde has Improper Control of Generation of Code

Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or required. All projects...

7.6 CVSS | 0.00034 EPSS
Exploits: 0 | References: 3
ATTACKERKB
added 2026/02/20 12:34 a.m. | 5 views

CVE-2026-26974

Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or required. All projects...

7.6 CVSS | 6 AI score | 0.00034 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2026/02/20 12:34 a.m. | 4 views

CVE-2026-26974 Sylde has Improper Control of Generation of Code

Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or required. All projects...

7.6 CVSS | 6 AI score | 0.00034 EPSS
Exploits: 0 | References: 3
CNNVD
added 2026/02/20 12:0 a.m. | 4 views

Slyde security vulnerability

Slyde is an animation demonstration program developed by Tygo van den Hurk personally. Versions of Slyde prior to 0.0.4 contained security vulnerabilities. These vulnerabilities stemmed from Node.js automatically importing the plugin.js file from the node_modules directory, which could allow...

9.8 CVSS | 6 AI score | 0.00034 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2026/02/20 12:0 a.m. | 4 views

PT-2026-21008

Name of the Vulnerable Software and Affected Versions: erlang otp versions 1.0 through 6.9; erlang otp version 17.0; erlang otp versions prior to 7.0. Description: The software contains a Relative Path Traversal and Improper Isolation or Compartmentalization issue. The issue is associated with program...

2.3 CVSS | 5.2 AI score | 0.00039 EPSS
Exploits: 0 | References: 47
Tenable Nessus
added 2026/02/20 12:0 a.m. | 2 views

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20248-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20248-1 advisory. Changes in chromium: - more fixes for desktop file, some variables were lowercased, further adaptions in INSTALL script boo1258199 - also copy...

8.8 CVSS | 6.2 AI score | 0.23127 EPSS
Exploits: 12 | References: 27
OSV
added 2026/02/18 9:45 p.m. | 2 views

GHSA-W7H5-55JG-CQ2F Improper Control of Generation of Code ('Code Injection') in @tygo-van-den-hurk/slyde

Impact: This is a remote code execution (RCE) vulnerability. Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file could execute arbitrary code when installed or required. All projects using this loading behavior are...

7.6 CVSS | 6.6 AI score | 0.00034 EPSS
Exploits: 0 | References: 5
Github Security Blog
added 2026/02/18 9:45 p.m. | 6 views

Improper Control of Generation of Code ('Code Injection') in @tygo-van-den-hurk/slyde

Impact: This is a remote code execution (RCE) vulnerability. Node.js automatically imports /**.plugin.{js,mjs} files, including those from node_modules, so any malicious package with a .plugin.js file could execute arbitrary code when installed or required. All projects using this loading behavior are...

9.8 CVSS | 6.5 AI score | 0.00034 EPSS
Exploits: 0 | References: 5 | Affected Software: 1
NVD
added 2026/02/18 9:16 p.m. | 7 views

CVE-2025-1272

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such as kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

7.7 CVSS | 0.00006 EPSS
Exploits: 0 | References: 3