PT-2026-45644

Memory corruption while processing fastboot commands with invalid input...

PT-2026-45196

A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

PT-2026-44921

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

PT-2026-44176

This vulnerability in Veeam Service Provider Console allows for remote code execution...

PT-2026-44346

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A deadlock occurs in the cgroup subsystem during the rmdir2 operation. The issue arises when the process calling rmdir is also the reaper of a zombie process that pins a PID namespace...

PT-2026-47091

Unknown description...

OSV-2026-795 Stack-buffer-underflow in probe_dasd_pt

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=514896889 Crash type: Stack-buffer-underflow READ 1 Crash state: probedasdpt idinfoprobe partitionsprobe...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: A check for a null descriptor is performed before calling ptcmdcallback. This issue resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver has been exercised. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: The segfault caused by PEBS-via-PT with a sample frequency has been fixed. Currently, using PEBS-via-PT with a sample frequency instead of a sample period causes a segfault. For example: BUG: Kernel NULL pointer...

PT-2026-42171

Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description The spaceless filter is registered with is safe = 'html', causing Twig's autoescaper to skip escaping its output in HTML contexts. This allows attacker-controlled input containing markup to be...

PT-2026-42195

InfoScale VIOM 9.1.3 allows XSS...

PT-2026-42030

Content removed...

PT-2026-41927

Name of the Vulnerable Software and Affected Versions Thunderbird version 150 Firefox version 150 Description Memory safety bugs involving memory corruption may allow an attacker to execute arbitrary code. Recommendations Update Thunderbird to version 151. Update Firefox to version 151...

PT-2026-41625

CVE-2025-70562 Full disclosure https://t.co/TDa8tFYvC3 Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd...

PT-2026-41624

CVE-2025-70561 Full disclosure https://t.co/wAYBU7dfkD...

PT-2026-41037

@hetmehtaa - Cleveland Steamer CVE-2026-80085...

PT-2026-40777

Content removed...

CVE-2026-31232

The CosyVoice project thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading process. When loading model files .pt from a user-specified directory via the --modeldir argument, the code uses torch.load without...

PT-2026-39916

Name of the Vulnerable Software and Affected Versions Apache HTTP Server affected versions not specified Description Details regarding this Server-Side Request Forgery SSRF issue will be published at disclosure. Recommendations At the moment, there is no information about a newer version that...

PT-2026-40389

Name of the Vulnerable Software and Affected Versions Archon OS affected versions not specified Description A flaw in the local API handling allows unauthenticated attackers to perform a web-to-client attack. By inducing a user to visit a malicious website, an attacker can bypass Cross-Origin...