CVE-2026-25126

PolarLearn is a free and open-source learning program. Prior to version 0-PRERELEASE-15, the vote API route POST /api/v1/forum/vote trusts the JSON body’s direction value without runtime validation. TypeScript types are not enforced at runtime, so an attacker can send arbitrary strings e.g., "x" ...

BACnet Stack 缓冲区错误漏洞

BACnet Stack is a BACnet open source protocol stack C library for embedded systems, Linux, MacOS, BSD and Windows. A buffer error vulnerability exists in BACnet Stack versions prior to 1.5.0.rc2, which stems from the npduisexpectedreply function failing to validate the presence of an APDU byte,...