Devolutions Server Security Vulnerability
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.15 contained a security vulnerability caused by improper execution of...
Oracle Linux 10 : python-pyasn1 (ELSA-2026-3354)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3354 advisory. 0.6.2-1 - Update to 0.6.2 - Update modules to 0.4.2 Resolves: RHEL-148142 Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 9 : python-pyasn1 (ELSA-2026-3359)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3359 advisory. 0.4.8-7 - Resolves: RHEL-148154 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
CVE-2026-0655
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in TP-Link Deco BE25 v1.0 web modules allows authenticated adjacent attacker to read arbitrary files or cause denial of service. This issue affects Deco BE25 v1.0: through 1.1.1 Build 20250822...
EUVD-2026-9217
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in TP-Link Deco BE25 v1.0 web modules allows authenticated adjacent attacker to read arbitrary files or cause denial of service. This issue affects Deco BE25 v1.0: through 1.1.1 Build 20250822...
CVE-2026-0655
CVE-2026-0655 affects TP-Link Deco BE25 v1.0 (web modules) up to firmware 1.1.1 Build 20250822. The issue is a path traversal vulnerability that allows an authenticated adjacent attacker to read arbitrary files or cause a denial of service. Connected sources confirm the vulnerable product/version...
PT-2026-22662
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in TP-Link Deco BE25 v1.0 web modules allows authenticated adjacent attacker to read arbitrary files or cause denial of service. This issue affects Deco BE25 v1.0: through 1.1.1 Build 20250822...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +4650 more potentially affected by unknown CVE via tools.jackson.core:jackson-core (>=3.0.0 <=3.1.0-rc1)
tools.jackson.core:jackson-core MAVEN version =3.0.0, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.1, =0.1.2, =0.1.0, =0.1.0, =0.7.6, =0.7.17 and more Source cves: unkno...
CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core
Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl,...
Jailbreak Foundry: From Papers to Runnable Attacks for Reproducible Benchmarking
Jailbreak techniques for large language models (LLMs) evolve faster than benchmarks, making robustness estimates stale and difficult to compare across papers due to drift in datasets, harnesses, and judging protocols. We introduce JAILBREAK FOUNDRY (JBF), a system that addresses this gap via a...
PT-2026-22343
Name of the Vulnerable Software and Affected Versions: Centreon Open Tickets versions prior to 25.10; Centreon Open Tickets versions prior to 24.10; Centreon Open Tickets versions prior to 24.04. Description: An improper input validation issue exists in Centreon Open Tickets on Central Server on Linux...
CVE-2026-3206
The CVE-2026-3206 entry details an Improper Resource Shutdown or Release vulnerability in KrakenD products. Affected: KrakenD-CE (CircuitBreaker modules) prior to 2.13.1; KrakenD-EE (CircuitBreaker modules) prior to 2.12.5. Impact and exploit details are not fully provided beyond the vulnerabilit...
python-pyasn1 security update
0.6.2-1 - Update to 0.6.2 - Update modules to 0.4.2 Resolves: RHEL-148142...
sudo 1.9.17 chroot Privilege Escalation
This Metasploit module exploits CVE-2025-32463, a local privilege escalation vulnerability in Sudo's chroot functionality. The vulnerability allows attackers to load malicious NSS (Name Service Switch) modules from within a chroot environment, leading to arbitrary code execution as root...
CVE-2026-27452
ASN.1 TypeScript ESM library, including codecs for Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER). In versions 11.0.5 and below, in some cases, decoding an INTEGER could leak the underlying ArrayBuffer. This issue is expected to be fixed in version 11.0.6...
Redteam-Automation
🔴 AI-Driven Red Team Simulation Framework A production-ready...
CVE-2026-26974
Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports /.plugin.js,mjs files including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or required. All projects...
SUSE CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerability is associated with program files...