CVE-2026-4390

A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function processresendqueue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...

CVE-2026-8238

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/messagepage' endpoint returns the full content of any conversation message. An unauthenticated attacker can enumerate all conversation messages, including messages from restricted pages, member-only areas, and th...

CVE-2026-7460

mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue fields into DataTables rows, and renders several of those fields as HTML...

CVE-2026-46824

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

CVE-2026-8054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrar...

Oracle E-Business Suite (May 2026 CSPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the May 2026 CSPU advisory. - Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected...

malla: Stored XSS via Meshtastic node names in multiple frontend pages

Node names longname, shortname received via MQTT are stored in SQLite without sanitization and rendered into the DOM without escaping. Any participant on a public Meshtastic MQTT broker can set a malicious node name that executes JavaScript in the browser of every Malla dashboard visitor. Affecte...

CVE-2026-46265

A flaw was found in the Linux kernel's RDMA/hns component. When the sunrpc Sun Remote Procedure Call is in use and a reset is triggered, a workqueue dependency issue can occur during Queue Pair QP destruction. This can lead to a kernel warning related to memory reclaim, potentially causing system...

CVE-2026-46265

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

CVE-2026-46265 RDMA/hns: Fix WQ_MEM_RECLAIM warning

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

CVE-2026-46265

The CVE-2026-46265 issue affects the Linux kernel RDMA/hns path. When sunrpc is in use and a reset occurs, QP destruction may lead to a WQ_MEM_RECLAIM dependency warning during workqueue flushing, risking kernel instability. The fixed code fixes the WQ_MEM_RECLAIM handling in the RDMA/hns path (Q...

PT-2026-46030

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc shdlc deinit purges SHDLC skb queues and frees the llc shdlc structure while...

PT-2026-46028

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/hns component where a reset triggered while using sunrpc can lead to a WQ MEM RECLAIM warning. This occurs because the hns roce irq workq workqueue lacks the ...

Linux Distros Unpatched Vulnerability : CVE-2026-46176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch...

Linux Distros Unpatched Vulnerability : CVE-2026-46126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ tab...

CVE-2026-45682

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running...

EUVD-2026-33950

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running...

CVE-2026-9844 Vulnerability in navify® Digital Pathology

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

📄 Samba SMB Printer Queue Command Injection / Remote Task Delivery

This Python script is a structured exploitation framework targeting Samba print services exposed over SMB port 445. It focuses on printer-share interaction, payload delivery testing, and command execution workflows through manipulated print job submissions. It's written to target versions 4.22.10...