4571 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-35251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploi...
Linux Distros Unpatched Vulnerability : CVE-2026-23556
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - oxenstored keeps quota related use counts across domain destruction XSA-483, CVE-2026-23556 Xenstored DoS via XSRESETWATCHES command XSA-484, CVE-2026-23557 gra...
Linux Distros Unpatched Vulnerability : CVE-2026-7349
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via...
Linux Distros Unpatched Vulnerability : CVE-2026-42198
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during...
Linux Distros Unpatched Vulnerability : CVE-2026-7356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-4873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial...
Linux Distros Unpatched Vulnerability : CVE-2026-31786
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISORxenversionXENVERbuildid is neither NUL terminated nor a string. The first...
GHSA-4J28-22QP-RJCF sqlite-mcp has an Injection issue
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7206 dubydu sqlite-mcp entry.py extract_to_json sql injection
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2026-6779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. CVE-2026-6779 Note that Nessus relies on the...
GHSA-X368-4G9H-FVV4 vLLM makes Use of Uninitialized Resource
A vulnerability was found in vLLM up to 0.19.0. The affected element is the function hasmambalayers of the file vllm/v1/kvcacheinterface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is...
PT-2026-35459
A vulnerability was found in vllm up to 0.19.0. The affected element is the function has mamba layers of the file vllm/v1/kv cache interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attac...
Linux Distros Unpatched Vulnerability : CVE-2026-31631
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce. CVE-2026-31631 Note th...
EUVD-2026-25722
A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...
CVE-2026-7018
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Research Repository !License: MIThttps://i...
Linux Distros Unpatched Vulnerability : CVE-2026-31540
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/gt: Check setdefaultsubmission before deferencing When the i915 driver firmware binaries are not present, the setdefaultsubmission pointer is not set...
Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication
Summary There is a high-severity authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is deployed behind a trusted upstream proxy. While X-Forwarded- headers such as X-Forwarded-For, X-Forwarded-Host, and X-Forwarded-Proto...
Fedora 42 : libcap (2026-d4c643a2ba)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d4c643a2ba advisory. An update to patch a security vulnerability. Advisory: https://github.com/AndrewGMorgan/libcapmirror/security/advisories/GHSA-f78v-p5hx-m7hh Changelog Mon Ap...
TencentOS Server 3: 389-ds:1.4 (TSSA-2026:0243)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0243 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...