CVE-2026-2379

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

CVE-2026-7473 Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

CVE-2026-7473

CVE-2026-7473 affects Arista EOS tunnel decapsulation: VXLAN, GRE, IP-in-IP, GUE, and decap-groups can cause decapsulation of non-configured tunnel traffic when the destination IP matches the configured decap IP. Root cause: the switch does not verify the tunnel protocol type, enabling unintended...

EUVD-2026-34858

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

CVE-2026-8714 Denial-of-Service Vulnerability in RTSP Input Handling on TP-Link's Tapo C520WS

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

EUVD-2026-34855

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin

Summary The client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith'/'. Protocol-relative URLs //attacker.com/… also satisfy that check, so a crafted link such as...

GHSA-RVP5-9P55-F5RP NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin

Summary The client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith'/'. Protocol-relative URLs //attacker.com/… also satisfy that check, so a crafted link such as...

OESA-2026-2570 gvfs security update

Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...

OESA-2026-2567 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. Security Fixes: ROHC...

OESA-2026-2566 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. Security Fixes: ROHC...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2026-33829 Este repositorio contiene una herramienta auto...

BIT-PYTHON-MIN-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

BIT-PYTHON-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

BIT-LIBPYTHON-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

Drift-Protocol-Exploit-2026

Case Study: Drift Protocol $285M Logic Exploit April 2026 A...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744-MCPJAM-RCE-exploit This Python proof-of-concept...

[SECURITY] Fedora 44 Update: libre-4.8.1-1.fc44

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...