Fedora 43 : python-django5 (2026-4d1404fc5d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4d1404fc5d advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

Fedora 44 : python-django5 (2026-9b7a6474a1)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9b7a6474a1 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

Fedora 44 : python-django6 (2026-de6e24ae07)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

CVE-2026-6008

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

CVE-2026-6008 IDOR in Im Park's DijiDemi

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

CVE-2026-6008

CVE-2026-6008 describes an authorization bypass/IDOR in DijiDemi (Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co.). Affected versions are v4.5.12.1 before v4.5.13.0. Root cause: user‑controlled key enables privilege escalation. Impact includes hi...

EUVD-2026-30270

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

CVE-2026-6008 IDOR in Im Park's DijiDemi

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

PT-2026-40914

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

Fedora 42 : python-django5 (2026-b9548393aa)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b9548393aa advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

CVE-2026-7399

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

CVE-2026-7399 IDOR in MeWare Software's PDKS

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

CVE-2026-7399

CVE-2026-7399 describes an authorization bypass via a user-controlled key in MeWare Software Development Inc. PDKS, enabling privilege abuse. Affected: PDKS versions from V16.20200313 up to before VMYR_3.5.2025117. The vulnerability is classified with CVSS 3.1 base score 8.1 (High), with attack v...

EUVD-2026-26371

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

CVE-2026-7399

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

CVE-2026-40556

In the connected Debian/CVE entry, GNU nano is affected by a local permission issue: when the user’s ~/.local directory does not exist, nano creates it with mode 0777, making it world‑writable in environments where the umask is lax. This creates a race window where an attacker could leverage the ...

USN-8204-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

EUVD-2026-25020

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

CVE-2026-35372

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

CVE-2026-35372 uutils coreutils ln Security Bypass via Improper Handling of the --no-dereference Flag

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...