PT-2026-37609

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the drm/atmel-hlcdc component. The atomic destroy state callback fails to free all necessary objects, specifically drm crtc commit objects, by only releasing the...

PT-2026-37415

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the DRM VC4 component of the Linux kernel. The BO array within the hang state is allocated using the kzalloc function in vc4 save hang state but is not released i...

PT-2026-37613

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ceph zero partial object function lacks the proper snapshot context for its OSD write operations. This deficiency can result in data inconsistencies within snapshots. Recommendations...

GHSA-958H-QP3X-Q4GJ AVideo: IDOR in PayPalYPT Plugin Allows Any Authenticated User to Cancel Arbitrary PayPal Subscription Agreements

Summary plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege authenticated user who learns or obtains another user's PayPal billing agreement ID...

GHSA-3QPQ-R242-JQJ7 phpseclib has a CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

Impact Anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc Patches https://github.com/phpseclib/phpseclib/commit/d53d2021bcb9f6a04d5d44ec99e6bbef219a71bc Workarounds No. References...

CVE-2026-43064

CVE-2026-43064 affects the Linux kernel’s dmaengine idxd, where the workqueue for a DSA/IAA device was not released on object release. The underlying cause is that the workqueue remained bound to the freed object, leading to resource leaks. The issue is now fixed: the workqueue is released after ...

CVE-2026-43064

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

CVE-2026-42041

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the Object.prototype.validateStatus property. By polluting this property, all HTTP error responses such as 401, 403, or 500 are silently treated as...

CVE-2026-40858

A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...

WordPress Profile Builder Pro plugin <= 3.14.5 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by 0xbro in WordPress Plugin Profile Builder Pro versions = 3.14.5...

EUVD-2026-27225

The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.0. This is due to missing object-level authorization checks in the /wp-json/generateblocks/v1/dynamic-tag-replacements REST endpoint. The endpoint only verifies that...

CVE-2026-3454

The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.0. This is due to missing object-level authorization checks in the /wp-json/generateblocks/v1/dynamic-tag-replacements REST endpoint. The endpoint only verifies that...

CVE-2026-3454

CVE-2026-3454 affects the WordPress plugin GenerateBlocks (versions &lt;= 2.2.0). The vulnerability is an Insecure Direct Object Reference in the REST endpoint /wp-json/generateblocks/v1/dynamic-tag-replacements . The endpoint only checks user capability (edit_posts) and does not verify that the ...

CVE-2026-2554

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via the 'wcfmdeletewcfmcustomer' due to missing validation on the 'customerid' user...

SUSE CVE-2026-43863

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

EUVD-2026-25588

Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking...

Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking

Summary When Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can a silently intercept and modify every JSON response before the application sees it, or b fully hijack the underlying HTTP transport, gaining access to...

Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`

Vulnerability Disclosure: Invisible JSON Response Tampering via Prototype Pollution Gadget in parseReviver Summary The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical...

Prototype Pollution

Overview axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Prototype Pollution when the Object.prototype has been polluted via a different exploit. The following properties in the HTTP adapter configuration may be manipulated, as...

Prototype Pollution

Overview org.webjars.npm:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Prototype Pollution when the Object.prototype has been polluted via a different exploit. The following properties in the HTTP adapter configuration may be...