4549 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-42198
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc is an open source PostgreSQL JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during...
Linux Distros Unpatched Vulnerability : CVE-2026-23556
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - oxenstored keeps quota related use counts across domain destruction XSA-483, CVE-2026-23556 Xenstored DoS via XS_RESET_WATCHES command XSA-484, CVE-2026-23557 gra...
Linux Distros Unpatched Vulnerability : CVE-2026-7320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1,...
Linux Distros Unpatched Vulnerability : CVE-2026-23557
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Any guest can cause xenstored to crash by issuing an XS_RESET_WATCHES command within a transaction due to an assert triggering. In case xenstored was built with...
GHSA-4J28-22QP-RJCF sqlite-mcp has an Injection issue
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extract_to_json of the file src/entry.py. Performing a manipulation of the argument outputfilename results in SQL injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7206 dubydu sqlite-mcp entry.py extract_to_json sql injection
A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extract_to_json of the file src/entry.py. Performing a manipulation of the argument outputfilename results in SQL injection. Remote exploitation of the attack is possible. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2026-6779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. CVE-2026-6779 Note that Nessus relies on the...
GHSA-X368-4G9H-FVV4 vLLM makes Use of Uninitialized Resource
A vulnerability was found in vLLM up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is...
PT-2026-35459
A vulnerability was found in vLLM up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attac...
Linux Distros Unpatched Vulnerability : CVE-2026-31631
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix buffer overread in rxgk_do_verify_authenticator Fix rxgk_do_verify_authenticator to check the buffer size before checking the nonce. CVE-2026-31631 Note th...
EUVD-2026-25722
A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor.doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...
CVE-2026-7018
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Research Repository
Linux Distros Unpatched Vulnerability : CVE-2026-31540
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/gt: Check set_default_submission before dereferencing When the i915 driver firmware binaries are not present, the set_default_submission pointer is not set...
Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication
Summary: There is a high-severity authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is deployed behind a trusted upstream proxy. While X-Forwarded-* headers such as X-Forwarded-For, X-Forwarded-Host, and X-Forwarded-Proto...
TencentOS Server 3: 389-ds:1.4 (TSSA-2026:0243)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0243 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Fedora 42 : libcap (2026-d4c643a2ba)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d4c643a2ba advisory. An update to patch a security vulnerability. Advisory: https://github.com/AndrewGMorgan/libcap_mirror/security/advisories/GHSA-f78v-p5hx-m7hh Changelog Mon Ap...
CVE-2026-5121 affecting package libarchive for versions less than 3.7.7-6
CVE-2026-5121 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...
CVE-2026-4426 affecting package libarchive for versions less than 3.7.7-6
CVE-2026-4426 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...
CVE-2026-4424 affecting package libarchive for versions less than 3.7.7-6
CVE-2026-4424 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...