CVE-2026-1587 Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service

A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwcs11handlemodifybearerrequest of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-1587 Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service

A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwcs11handlemodifybearerrequest of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2026-24681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after...

Linux Distros Unpatched Vulnerability : CVE-2025-4090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox...

CVE-2026-24739 Symfony has incorrect argument escaping under MSYS2/Git Bash on Windows that can lead to destructive file operations

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...

CVE-2026-1522

A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwcs5chandlemodifybearerresponse of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit has...

CVE-2026-1521

A security flaw has been discovered in Open5GS up to 2.7.6. This affects the function sgwcs5chandlebearerresourcefailureindication of the file src/sgwc/s5c-handler.c of the component SGWC. Performing a manipulation results in denial of service. The attack can be initiated remotely. The exploit ha...

CVE-2026-1521 Open5GS SGWC s5c-handler.c denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. This affects the function sgwcs5chandlebearerresourcefailureindication of the file src/sgwc/s5c-handler.c of the component SGWC. Performing a manipulation results in denial of service. The attack can be initiated remotely. The exploit ha...

SUSE CVE-2025-68670

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

Linux Distros Unpatched Vulnerability : CVE-2026-0818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled...

PT-2026-5141

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description A flaw exists in Open5GS up to version 2.7.6 that can lead to a denial of service. The issue is located in the sgwc s5c handle modify bearer response function within the src/sgwc/s5c-handler.c file o...

Linux Distros Unpatched Vulnerability : CVE-2026-1504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted...

CVE-2025-55292

CVE-2025-55292 affects Meshtastic, where NodeIDs are derived from MAC addresses instead of public keys, enabling an attacker to forge a NodeInfo and advertise HAM mode (which lacks encryption). This allows other mesh nodes to accept the forged information, overwrite the NodeDB, and route direct m...

CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3

CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3. A patched version of the package is available...

UBUNTU-CVE-2026-22264

Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...

CVE-2026-22262 Suricata datasets: stack overflow when saving a set

Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not us...

CVE-2026-22261 Suricata eve/alert: http1 xff handling can lead to denial of service

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...

CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

CVE-2026-22259 Suricata dnp3: unbounded transaction growth

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...