CVE-2026-43732

A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information...

CVE-2026-43718

A stack overflow was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2026-43716

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2026-43712

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-43676

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2026-43716

CVE-2026-43716 concerns a memory-handling flaw in Safari/WebKit that can cause a crash when processing malicious web content. Affected products include Safari, iOS, iPadOS, and macOS Tahoe; root cause relates to memory handling weaknesses. The issue is fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 2...

CVE-2026-43720

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2026-43732

A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information...

CVE-2026-43676

CVE-2026-43676 affects WebKit-related components used in Safari/WebKit on macOS Tahoe and iOS/iPadOS, with an out-of-bounds access issue addressed by improved bounds checking. The vulnerability leads to potential crashes when processing malicious web content, and is fixed in Safari 26.5.2 (and re...

CVE-2026-43725

CVE-2026-43725 affects WebKit/Web content handling in Apple platforms prior to patch: Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2. Root cause is insufficient input validation that could allow a malicious website to process restricted web content outside the sandbox. Apple securit...

CVE-2026-43734

CVE-2026-43734 is a use-after-free vulnerability in processing maliciously crafted web content, addressed by memory-management fixes. The accompanying disclosures indicate fixes across Apple platforms: Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Affected components in the co...

CVE-2026-43703

CVE-2026-43703 affects macOS Tahoe 26.5.2, iOS 26.5.2, and iPadOS 26.5.2, linked to a memory handling issue in libxslt when processing malicious web content. Root cause: memory handling flaw leading to an unexpected process crash. Consequence: potential disruption of a process due to crafted web ...

PT-2026-53712

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A use-after-free issue, which occurs when a program continues to use a pointer after it has been free...

CVE-2026-13501

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

Malicious code in fsociety-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88731d75288f663967fc64dde12b04eb43a2eb3d4113486bf35b1cf3d89ae537 On import, fsocietytools/init.py loads tokens.py, which at module load time instantiates TokenManager. The constructor concatenates eight large strin...

CVE-2026-54762 vulnerabilities

Vulnerabilities for packages: traefik...

EUVD-2026-39564

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-44622

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-44622 EVoke Systems EVoke CSMS Insufficiently Protected Credentials

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-44622

CVE-2026-44622 affects EVoke Systems EVoke CSMS (charging stations). The vulnerability is described as insufficiently protected credentials, causing authentication identifiers to be publicly accessible via web-based mapping platforms. CVSS v3.1 base score 6.5 (MEDIUM) and CVSS v4.0 base score 6.9...