CVE-2026-41047

Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3 allowed a local attacker to see otherwise read protected information...

CVE-2026-41047 Information leak via “diff” methods in qSnapper

Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3 allowed a local attacker to see otherwise read protected information...

ROS-20260615-73-0021

The vulnerability of the xfAppUpdateWindowFromSurface function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0043

The vulnerabilities of the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA in the FreeRDP client are related to a memory reclamation error. Exploiting these vulnerabilities could allow an attacker to compromise the accessibility of protected information...

CVE-2025-46293

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

CVE-2025-43278

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

CVE-2025-46315

CVE-2025-46315 describes a permissions issue in macOS Tahoe prior to update. An application may be able to access protected user data due to insufficient restrictions. Affected software is macOS Tahoe; the fix is implemented in macOS Tahoe 26.1. Practical impact is high (C:H/I:N/A:N per CVSS 3.1 ...

CVE-2025-43278

CVE-2025-43278 affects macOS Sequoia prior to 15.4; the issue arises from improper handling of symlinks and is addressed in macOS Sequoia 15.4. The description notes that an app may be able to access protected user data due to this flaw. According to the connected sources, the vulnerability is mi...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.4 had a security vulnerability due to improper handling of symbolic links, which could allow applications to access protected user data...

ROS-20260610-73-0036

The vulnerability of the SDL3 RDP client for FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...

ROS-20260609-73-0003

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

ROS-20260609-73-0037

The vulnerability in Thunderbird is related to a behavior that varies depending on the type of implementation. Exploiting this vulnerability allows an attacker who operates remotely to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260605-73-0104

The vulnerability of the NSS component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected informatio...

ROS-20260605-73-0001

The vulnerability of the Grafana monitoring and observation platform is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

ROS-20260605-73-0027

The vulnerability in Tomcat11 is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

ROS-20260605-73-0060

The vulnerability of the Layout component: Texts and fonts in Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...

ROS-20260529-73-0009

The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2026-5434

...

ROS-20260515-73-0011

A vulnerability in the correlation function of the Grafana monitoring and surveillance platform is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

Next.js Framework 12.2.x < 15.5.16 / 16.x < 16.2.5 Information Disclosure

The Next.js Framework on the remote host is affected by an information disclosure vulnerability: - Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less /next/data//.json requests...