PT-2026-27105

Name of the Vulnerable Software and Affected Versions esaml and its forks affected versions not specified Description The software contains a flaw related to XML External Entity XXE processing. An attacker can potentially read local files and include their contents within processed SAML documents...

📄 AVideo Command Injection

The Metasploit exploit module targets a command injection vulnerability in AVideo. This module exploits a base64-encoded command injection flaw in AVideo Encoder's image processing endpoint, turning a simple URL parameter into remote code execution with multiple payload strategies. Versions prior...

PT-2026-27226

OpenClaw before 2026.2.25 lacks durable replay state for Nextcloud Talk webhook events, allowing valid signed requests to be replayed. Attackers can capture and replay previously valid signed webhook requests to trigger duplicate inbound processing and cause integrity or availability issues...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38468)

"In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

SUSE CVE-2026-23278

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

Wavlink WL-WN578W2 命令注入漏洞

Wavlink WL-WN578W2 is a wireless repeater produced by Wavlink Corporation. The Wavlink WL-WN578W2 version 221110 has a command injection vulnerability. This vulnerability stems from incorrect handling of parameters such as dmzflag and delflag in the POST request processing component, which may le...

Next SaaS Stripe Starter 安全漏洞

Next SaaS Stripe Starter is an integrated payment and authentication SaaS project starter developed by mickasmt as a personal developer. Version 1.0.0 of Next SaaS Stripe Starter contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter ‘priceId’ in the...

Acrel Environmental Monitoring Cloud Platform 代码问题漏洞

The Acrel Environmental Monitoring Cloud Platform is an IoT data center operated by Acrel Corporation in China. There is a code vulnerability in the Acrel Environmental Monitoring Cloud Platform 1.1.0 version. This vulnerability stems from an unknown processing mechanism that allows unlimited fil...

EUVD-2019-19854

CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during t...

CVE-2019-25553

CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during t...

CVE-2019-25549

VeryPDF PCL Converter 2.7 has a denial-of-service vulnerability: a local attacker can crash the application by supplying an excessively long password in PDF Security, triggering a buffer overflow when processing PCL files (reported with a ~3000-byte password). The CVSS data indicate local access,...

EUVD-2026-14000

vLLM has RCE In Video Processing...

EUVD-2026-13842

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lazy-loading image processing in all versions up to, and including, 3.1.14. This is due to the use of an overly permissive regular expression in the addlazyload function that replaces all occurrences of \ssr...

EUVD-2026-13834

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

CVE-2026-2430

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lazy-loading image processing in all versions up to, and including, 3.1.14. This is due to the use of an overly permissive regular expression in the addlazyload function that replaces all occurrences of \ssr...

PT-2026-26894

VeryPDF PCL Converter 2.7 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long password string. Attackers can trigger a buffer overflow by entering a 3000-byte password in the PDF Security encryption fields, causing the...

PT-2026-26898

CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during t...

CVE-2026-2430

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lazy-loading image processing in all versions up to, and including, 3.1.14. This is due to the use of an overly permissive regular expression in the addlazyload function that replaces all occurrences of \ssr...

CVE-2026-21732

The CVE-2026-21732 issue affects the GPU shader compiler library (WebGPU shader compilation path) where loading unusual shader code can trigger an out-of-bounds write, causing a crash. An edge case with very large switch values can cause a segmentation fault via OOB access during conversion in th...

CVE-2026-33166 Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. The Allure report generator prior to version 2.38.0 is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file -result.json,...