39 matches found
CVE-2026-9056 Security fix for Qlik Talend Administration Center cross-site scripting vulnerability
A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store an XSS payload that can be triggered by a different user...
Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS
Impact: A vulnerability has been identified in the SUSE Virtualization Harvester Rancher integration mechanism where by default the registration client uses an insecure TLS option that fails to verify the remote server’s certificate. This security gap could allow the execution of a man-in-the-midd...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the internal IPv4 header length in the IPTFS payload. This vulnerability ma...
@01.software/sdk (>=0.0.1-251008.90016 <=0.2.3), @adenta/cms (>=0.0.6 <=1.1.1-0) +32 more potentially affected by CVE-2026-34750 via payload (>=3.0.0-alpha.46 <=3.78.0-internal.5219978)
payload NPM version =3.0.0-alpha.46, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 - @remy90/payload-conditions-plugin =0.2.2 and more Source cves: CVE-2026-34750 Source advisory: SNYK:JS-PAYLOAD-15873857...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +82 more potentially affected by CVE-2026-34749 via payload (>=0.12.3 <=3.79.0)
payload NPM version =0.12.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =0.1.2, =0.1.1, =1.0.0, =1.0.6, =1.0.0, =1.2.0 and more Source cves: CVE-2026-34749 Source advisory: OSV:GHSA-P6MR-XF3R-GHQ4...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +33 more potentially affected by CVE-2026-34749 via payload (>=3.0.0-alpha.46 <=3.79.0)
payload NPM version =3.0.0-alpha.46, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 and more Source cves: CVE-2026-34749 Source advisory: SNYK:JS-PAYLOAD-15873856...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +82 more potentially affected by CVE-2026-34746 via payload (>=0.12.3 <=3.79.0)
payload NPM version =0.12.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =0.1.2, =0.1.1, =1.0.0, =1.0.6, =1.0.0, =1.2.0 and more Source cves: CVE-2026-34746 Source advisory: OSV:GHSA-6R7F-Q7F5-WPX8...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +82 more potentially affected by CVE-2026-34747 via payload (>=0.12.3 <=3.79.0)
payload NPM version =0.12.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =0.1.2, =0.1.1, =1.0.0, =1.0.6, =1.0.0, =1.2.0 and more Source cves: CVE-2026-34747 Source advisory: OSV:GHSA-7XXH-373W-35VG...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +33 more potentially affected by CVE-2026-34747 via payload (>=3.0.0-alpha.46 <=3.79.0)
payload NPM version =3.0.0-alpha.46, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 and more Source cves: CVE-2026-34747 Source advisory: SNYK:JS-PAYLOAD-15873855...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +82 more potentially affected by CVE-2026-34751 via payload (>=0.12.3 <=3.79.0)
payload NPM version =0.12.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =0.1.2, =0.1.1, =1.0.0, =1.0.6, =1.0.0, =1.2.0 and more Source cves: CVE-2026-34751 Source advisory: OSV:GHSA-HP5W-3HXX-VMWF...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +33 more potentially affected by CVE-2026-34751 via payload (>=3.0.0-alpha.46 <=3.79.0)
payload NPM version =3.0.0-alpha.46, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 and more Source cves: CVE-2026-34751 Source advisory: SNYK:JS-PAYLOAD-15871108...
Payload SQL injection vulnerability
Payload is a headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Versions of Payload prior to 3.79.1 contain an SQL injection vulnerability. This vulnerability arises from improper validation of certain request inputs, which may allow SQL queries to execute...
EulerOS 2.0 SP13 : kata-containers (EulerOS-SA-2026-1279)
According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64...
Payload security vulnerability
Payload is a headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Versions of Payload prior to 3.74.0 have a security vulnerability. This vulnerability stems from an insecure direct object reference within the payload-preferences collection. In environments...
@01.software/sdk (>=0.0.1-251008.90016 <=0.1.4), @adenta/cms (>=0.0.6 <=1.1.1-0) +32 more potentially affected by CVE-2026-25574 via payload (>=3.0.0-alpha.46 <=3.74.0-internal.9c378de)
payload NPM version =3.0.0-alpha.46, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 - @remy90/payload-conditions-plugin =0.2.2 and more Source cves: CVE-2026-25574 Source advisory: SNYK:JS-PAYLOAD-15239949...
@01.software/sdk (>=0.0.1-251008.90016 <=0.1.4), @adenta/cms (>=0.0.6 <=1.1.1-0) +81 more potentially affected by CVE-2026-25574 via payload (>=0.12.3 <=3.74.0-internal.9c378de)
payload NPM version =0.12.3, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =0.1.2, =0.1.1, =1.0.0, =1.0.6, =1.0.0, =0.1.0, =0.1.8 and more Source cves: CVE-2026-25574 Source advisory: OSV:GHSA-JQ29-R496-R955...
Authorization Bypass Through User-Controlled Key
Overview: payload is a Node, React and MongoDB Headless CMS and Application Framework. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the auth collections in multi-auth collection environments using Postgres or SQLite with serial or...
CVE-2021-31345
A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions. The total length of a UDP payload set in the IP header is unchecked. This may lead to various side effects, including...
EUVD-2019-0387
Malware in sbrugna...
EUVD-2018-15682
Malware in sbrugna...