📄 CairoSVG Denial of Service

CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability. CVE-2026-31899: Exponential DoS via Recursive Element Amplification in CairoSVG Keywords: CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification,...

MiracleLinux 9 : java-17-openjdk-17.0.19.0.10-2.el9.ML.1 (AXSA:2026-599:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-599:08 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux...

Advisory ROSA-SA-2026-3268

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-3 affected versions kernel-5.10-5.10.244-3 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Linux kernel xfrm subsystem ESP allows data decryption over non-packet skb...

Exploit for CVE-2026-36980

CVE-2026-36980-Kernel-BSOD-DoS-PoC Project Date : Feb 2026 / D...

CyberThreat-Nlp-Intelligence-System

🛡️ CyberGuard AI — Cyber Threat Intelligence System An AI-p...

pocxgen-agent

PoCXGen Agent An LLM-orchestrated multi-agent pipeline for au...

Exploit for Missing Authentication for Critical Function in Flowiseai Flowise

Overview This repository combines two critical vulnerabilities i...

Exploit for CVE-2025-4396

CVE-2025-4396 Exploit: Relevanssi SQL Injection Time-Based...

Governing AI-Assisted Security Operations: A Design Science Framework for Operational Decision Support

Engineering managers increasingly must decide how to introduce generative artificial intelligence AI, retrieval-augmented generation, and coding agents into high-risk operational functions without weakening accountability, privacy, cost discipline, or auditability. The central message of this stu...

SUSE SLES12 Security Update : vim (SUSE-SU-2026:1764-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1764-1 advisory. This update for vim fixes the following issue: Security fixes: - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file rea...

openSUSE 16 Security Update : google-cloud-sap-agent (openSUSE-SU-2026:20669-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20669-1 advisory. This update for google-cloud-sap-agent fixes the following issue: - CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty...

Security Bulletin: Multiple Vulnerabilities in watsonx.data

Summary Multiple vulnerabilities were addressed in watsonx.data 2.3.1 patch 2 version, which were present in different version from watson.data 2.2 to watsonx.dat 2.3 Vulnerability Details CVEID:CVE-2025-13466 DESCRIPTION: body-parser 2.2.0 is vulnerable to denial of service due to inefficient...

shenlong-cve-mcp

shenlong-cve-mcp The MCP Server from the Shenlong Vulnerabil...

SUSE CVE-2026-43247

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. The root cause was to enter suspend mode because timeout of autosuspend delay happened. 48.834439...

GHSA-V6WJ-C83F-V46X @profullstack/mcp-server vulnerable to OS Command Injection in domain_lookup Module

Security Advisory: OS Command Injection in profullstack/mcp-server domainlookup Module Field | Value -- | -- Project | profullstack/mcp-server Repository | https://github.com/profullstack/mcp-server Affected Commit | 2e8ea913573610667ad54e31dba2e8198ebf7cf9 Affected Module | mcpmodules/domainlook...

@profullstack/mcp-server vulnerable to OS Command Injection in domain_lookup Module

Security Advisory: OS Command Injection in profullstack/mcp-server domainlookup Module Field | Value -- | -- Project | profullstack/mcp-server Repository | https://github.com/profullstack/mcp-server Affected Commit | 2e8ea913573610667ad54e31dba2e8198ebf7cf9 Affected Module | mcpmodules/domainlook...

Linux Distros Unpatched Vulnerability : CVE-2026-43467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix crash when moving to switchdev mode When moving to switchdev mode when the device doesn't support IPsec, we try to clean up the IPsec resources...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-017333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017333 advisory. Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016810)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016810 advisory. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non- linearly with respect to the size of the certificate. This...

GHSA-G8R3-5HWF-QP96 epa4all-client has a VAU Signature bypass

Impact In SignedPublicKeysTrustValidatorImpl.isTrusted, the ECDSA signature verification at line 45 discards the boolean return value of Signature.verify. The method performs certificate chain validation, OCSP check, and signature algorithm setup, but never checks whether the signature actually...