CVE-2026-6869

WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

EUVD-2026-26312

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7379

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

MeWare PDKS 信息泄露漏洞

MeWare PDKS is a personnel management system for enterprise attendance and access control developed by the Turkish company MeWare. Versions of MeWare PDKS from V16.20200313 to VMYR3.5.2025117 contained an information leakage vulnerability. This vulnerability resulted from the unauthorized...

Hex 安全漏洞

Hex is a package management tool for the Erlang ecosystem developed by Hex Open Source. Versions of Hex from 0.16.0 to 2.4.2 contained security vulnerabilities. These vulnerabilities were due to insufficient verification of data authenticity, which could lead to bypassing dependency integrity...

IBM Langflow Desktop 安全漏洞

IBM Langflow Desktop is a desktop application for AI process orchestration developed by IBM. Versions 1.0.0 to 1.8.4 of IBM Langflow Desktop contain security vulnerabilities. These vulnerabilities stem from indirect object references using user control keys, which may allow unauthenticated users ...

IBM Langflow Desktop 路径遍历漏洞

IBM Langflow Desktop is a desktop application for AI process orchestration developed by IBM. Versions 1.2.0 to 1.8.4 of IBM Langflow Desktop contain a path traversal vulnerability. This vulnerability stems from directory traversal issues, which may allow authenticated attackers to send specially...

Amazon Linux 2023 : perl-Net-CIDR-Lite (ALAS2023-2026-1624)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1624 advisory. Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exact...

PT-2026-36821

Name of the Vulnerable Software and Affected Versions Sentry versions 21.12.0 through 26.4.0 Description A flaw in the SAML SSO implementation allows attackers to take over user accounts in multi-org instances through malicious Identity Providers. If a victim's email is known, an attacker can...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4 contained security vulnerabilities; these vulnerabilities were caused by...

IBM Langflow 安全漏洞

IBM Langflow is a visual process orchestration tool developed by the American multinational company International Business Machines IBM. Versions 1.0.0 to 1.8.4 of IBM Langflow contain security vulnerabilities. These vulnerabilities allow any user to access the flowid, read other users’ transacti...

AlmaLinux 10 : java-21-openjdk (ALSA-2026:9689)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9689 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-41383 via openclaw (>=2026.3.22 <=2026.4.12)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-41383 Source advisory: SNYK:JS-OPENCLAW-16322613...

CVE-2026-24231

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...

GHSA-8RXH-R2P6-7F2Q GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE

Summary A remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not...

GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE

Summary A remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not...

com.baoquan:verax-sdk (=1.0.0), com.easypayx:easypay-blockchain-java-sdk (>=1.0.0 <=1.0.4) +21 more potentially affected by CVE-2026-41586 via org.hyperledger.fabric-sdk-java:fabric-sdk-java (>=1.0.1 <=2.2.26)

org.hyperledger.fabric-sdk-java:fabric-sdk-java MAVEN version =1.0.1, =1.0.0, =1.0.0-RELEASE, =1.0.0-RELEASE, =0.0.1, =1.0.0, =1.0.0, =1.0, =3.16.1, =1.2.0, =1.3.0, =0.10.1, =0.11.5 and more Source cves: CVE-2026-41586 Source advisory: OSV:GHSA-PRF8-CF2X-RHX7...

beetcamp (>=0.18.0 <=0.19.3), beets-alternatives (>=0.11.0 <=0.11.1) +12 more potentially affected by CVE-2026-42052 via beets (>=1.4.9 <=2.0.0)

beets PYPI version =1.4.9, =0.18.0, =0.11.0, =0.3.1, =0.1.0, =1.1.3, =0.1.1, =0.2.0, =0.1.1, =0.4.0 - musicbot =0.9.0 Source cves: CVE-2026-42052 Source advisory: OSV:GHSA-3GXM-WFJX-M847...

africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2767 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)

org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...