EUVD-2026-37731

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2026-49949

CodexBar

EUVD-2026-36234

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

PT-2026-48747

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.22 Description An issue in the Control UI pairing process involves insufficient locality-derived trust validation. This allows attackers with network access to spoof locality information to convert temporary...

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.33.0 contained security vulnerabilities. These vulnerabilities stemmed from credential forwarding, which could allow network adjacent attackers to intercept sensitive...

CVE-2026-47672

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...

CVE-2026-11241

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

CVE-2024-14036

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-bound read operation in the Media component, which could allow local network attackers to execute...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Cast components after their release, which could allow local network attackers to execute arbitrary...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Payments is one of the payment components included in Google Chrome. Blink is a browser rendering engine developed jointly by Google Inc. and Opera Software AB in Norway. V8 is an open-source JavaScript engine used in...

PT-2026-45863

Name of the Vulnerable Software and Affected Versions Dräger Core version 1.0.5 Dräger M540 Converter Service version 1.0.9 Description A denial of service issue allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC Service-oriented Device...

CVE-2026-43625

CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network path to receive...

CVE-2026-43625

CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network path to receive...

Astra Linux - уязвимость в openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. The supported versions affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. This easily exploitable vulnerability allows an...

PT-2026-38729

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows...

Optoma CinemaX P2 安全漏洞

The Optoma CinemaX P2 is a super-short-throw 4K laser home projector from Optoma. The Optoma CinemaX P2 has a security vulnerability. This vulnerability stems from exposing the Android debugging bridge on port 5555 without authentication, while RSA key verification is disabled. Additionally, ther...

EUVD-2026-28113

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...

BIT-JAVA-MIN-2021-35556

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

BIT-JAVA-2020-14562

Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...