CVE-2026-21511

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-21218

Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-21518

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

CVE-2025-32008

Out-of-bounds write in the firmware for the IntelR AMT and IntelR Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially...

CVE-2025-20080

Null pointer dereference in the firmware for some IntelR AMT and IntelR Standard Manageability within Ring 0: Kernel may allow a denial of service. Network adversary with an unauthenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur...

CVE-2025-32003

Out-of-bounds read in the firmware for some 100GbE IntelR Ethernet Network Adapter E810 before version cvl fw 1.7.6, cpk 1.3.7 within Ring 0: Bare Metal OS may allow a denial of service. Network adversary with an authenticated user combined with a low complexity attack may enable denial of servic...

CVE-2025-20080

CVE-2025-20080 affects firmware for Intel AMT and Intel Standard Manageability. Root cause: null pointer dereference in Ring 0 firmware leading to denial of service. A network attacker with unauthenticated access and high attack complexity may exploit this without user interaction, potentially im...

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network...

Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability

Improper control of generation of code 'code injection' in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network...

MSHTML Framework Security Feature Bypass Vulnerability

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network...

VulnCheck KEV: CVE-2026-21510

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...

PT-2026-7322

Name of the Vulnerable Software and Affected Versions TP-Link Tapo C260 version v1 Description A flaw exists in the firmware of the TP-Link Tapo C260 IP camera related to incorrect path restriction of the directory path name. Successful exploitation allows a remote attacker to gain unauthorized...

iperf3: iperf Heap Buffer Overflow

A flaw was found in iperf3. An off-by-one error in the iperfauth.c file leads to a heap-based buffer overflow, potentially allowing a network attacker to trigger an application-level denial of service. This overflow occurs during the processing of authentication data. The vulnerability can only b...

CVE-2026-2065

A security flaw has been discovered in Flycatcher Toys smART Pixelator 2.0. Affected by this issue is some unknown functionality of the component Bluetooth Low Energy Interface. Performing a manipulation results in missing authentication. The attack can only be performed from the local network. T...

CVE-2026-2065

The CVE-2026-2065 entry concerns Flycatcher Toys smART Pixelator 2.0, specifically the Bluetooth Low Energy Interface. The connected documents provide concrete details: a manipulation of the BLE interface leads to missing authentication, the attack is executable from the local network, and exploi...

CLSA-2026-1770118623 java-1.8.0-openjdk: Fix of CVE-2026-21945

Update to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b03. - CVE-2026-21945: Security component vulnerability allowing unauthenticated attacker with network access to cause hang or crash DoS...

Linux Distros Unpatched Vulnerability : CVE-2026-21948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and...

Linux Distros Unpatched Vulnerability : CVE-2026-21936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0...

Linux Distros Unpatched Vulnerability : CVE-2026-21968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and...

CVE-2026-23568

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked...