MINI-WW26-F2C9-FR9R

Bulletin has no description...

MINI-C674-9P34-MGX2

Bulletin has no description...

EUVD-2021-34804

memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character buffers into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...

MINI-R38V-RPFW-R639

Bulletin has no description...

MINI-C7HM-8MPV-2FXX

Bulletin has no description...

CVE-2021-47944

memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character buffers into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...

samsung-exploits

Samsung Exynos 4412 Kernel Exploits Device: Samsung Galax...

memono Notepad 安全漏洞

Memono Notepad is a lightweight note-taking app developed by Memono Corporation, designed for concise recording and text management. Version 4.2 of Memono Notepad contains a security vulnerability. This vulnerability stems from the practice of pasting excessively long characters into note fields,...

PT-2026-39518

memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character buffers into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...

Nutanix AOS : (NXSA-AOS-7.3.1.9)

The version of AOS installed on the remote host is prior to 7.3.1.9. It is, therefore, affected by a vulnerability as referenced in the NXSA-AOS-7.3.1.9 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly...

CVE-2026-42291

SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links for personal notes is not properly authorized. This allows authenticated attackers who obtain the note ID of victim users to list and...

EUVD-2026-28848

SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links for personal notes is not properly authorized. This allows authenticated attackers who obtain the note ID of victim users to list and...

CVE-2026-45148

creationtimestamp| type| source ---|---|--- 2026-05-08 03:05:45+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-fmh9-gpqh-g53g...

CVE-2026-45147

creationtimestamp| type| source ---|---|--- 2026-05-08 02:49:57+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-6r88-8v7q-q4p2...

SysReptor 安全漏洞

SysReptor is an open-source penetration testing report platform developed by Syslifters. Versions of SysReptor from 2026.4 to 2026.27 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization at the endpoints when reading and creating personal note-sharing link...

PT-2026-38673

Name of the Vulnerable Software and Affected Versions cPanel versions prior to 11.136.0.9 cPanel versions prior to 11.136.1.10 WP Squared cPanel versions prior to 11.134.0.25 cPanel versions prior to 11.132.0.31 cPanel versions prior to 11.130.0.22 cPanel versions prior to 11.126.0.58 cPanel...

Linux Distros Unpatched Vulnerability : CVE-2026-43339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: prevent possible UaF in addrconfpermanentaddr The mentioned helper try to warn the user about an exceptional condition, but the message is delivered too...

GHSA-G49P-4QXJ-88V3 Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution

Description The Note Mark application allows authenticated users to upload assets to notes via POST /api/notes/noteID/assets, where the asset filename is provided through the X-Name HTTP request header. This value is stored directly in the database without any sanitization or validation - no path...

CVE-2025-67202

creationtimestamp| type| source ---|---|--- 2026-05-07 17:35:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlbquckepu2p...

MGASA-2026-0112 Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...