CVE-2026-7166 Multiple vulnerabilities in the Assassin game by Gaudire

Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on...

EUVD-2026-38120

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, it triggered some edge-case bugs, particularly some integer overflows related to...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid cycles in the h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. This can easily lead to the kernel corrupting tree nodes that have already been verified during...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: hso: Fixed the issue of null-ptr-deref during tty device unregistration. Multiple ttys attempt to claim the same minor number, resulting in a double unregistration of the same device. The first unregistration succeeds, but t...

CVE-2026-50643

The CVE-2026-50643 entry concerns the 8cc compiler. It describes an Out-of-Bounds Read caused by improper handling of #line directives and GNU linemarkers, where attacker-controlled filename and line-number metadata is used without validation when accessing source line arrays. This can lead to ou...

EUVD-2026-37864

The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing per-calendar ownership checks in the cpabcappointmentscalendarload2 function, which is reachable vi...

CVE-2026-0057

CVE-2026-0057 affects the Android Contacts Provider. A missing permission check can allow an attacker to read an incoming call’s phone number and related metadata, enabling local information disclosure without extra execution privileges, and exploitation does not require user interaction. The iss...

CVE-2026-35285

Technical details for CVE-2026-35285 are not publicly available in the provided documents. No affected products, vulnerable components, exploit information, or remediation are disclosed here. Monitor for updates from official sources.

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

[SECURITY] [DLA 4630-1] openssl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4630-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout June 15, 2026 https://wiki.debian.org/LTS -...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2026:2367-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2367-1 advisory. This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. -...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2026:2366-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2366-1 advisory. This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. -...

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

EUVD-2026-36516

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

Uncaught Exception

Overview @grpc/grpc-js is a gRPC Library for Node Affected versions of this package are vulnerable to Uncaught Exception via the handling of invalid incoming HTTP/2 stream initiation. An attacker can cause the server process to crash by sending a specially crafted malformed request. Remediation...

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...

SUSE-SU-2026:2367-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. - CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. - CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708...

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...

SUSE-SU-2026:2366-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. - CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. - CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708...