CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

Why LLMs Fail: A Failure Analysis and Partial Success Measurement for Automated Security Patch Generation

Large Language Models LLMs show promise for Automated Program Repair APR, yet their effectiveness on security vulnerabilities remains poorly characterized. This study analyzes 319 LLM-generated security patchesacross 64 Java vulnerabilities from the Vul4J benchmark. Using tri-axis evaluation...

CVE-2025-69647

A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF loclists data with the readelf program can trigger an infinite loop and result in a denial of service. Mitigation To mitigate this vulnerability, do not process untrusted, unverified or...

Microsoft Devices Pricing Program Code Issue Vulnerability

The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...

CVE-2026-21536

Microsoft Devices Pricing Program Remote Code Execution Vulnerability...

SUSE CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

EUVD-2025-208347

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

The Agile FedRAMP Playbook, Part 4: Reactive Risk Management through Enriched Incident Response

In the final part of our series, we explore Reactive Risk Management. Discover how Wiz for U.S. Government transforms cloud detection and response to help satisfy FedRAMP Rev 5 IR controls and FedRAMP 20x detection benchmarks...

CVE-2026-28010

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Scientia scientia allows PHP Local File Inclusion.This issue affects Scientia: from n/a through = 1.2.4...

CVE-2026-28064

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Edge Decor edge-decor allows PHP Local File Inclusion.This issue affects Edge Decor: from n/a through = 2.2...

EUVD-2026-9885

Microsoft Devices Pricing Program Remote Code Execution Vulnerability...

ROS-20260306-73-0005

A vulnerability in the bpfprogselectruntime function of the kernel/bpf/core.c file of the Linux operating system kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-21536

Microsoft Devices Pricing Program Remote Code Execution Vulnerability...

CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability

...

CVE-2026-21536

Microsoft Devices Pricing Program Remote Code Execution Vulnerability...

CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability

...

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

...

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...