
111118 matches found

Positive Technologies
added 2026/05/25 12:0 a.m. | 9 views

PT-2026-43079

Name of the Vulnerable Software and Affected Versions: Apache Syncope versions 3.0 through 3.0.16; Apache Syncope versions 4.0 through 4.0.5; Apache Syncope version 4.1.0. Description: An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL Java Expression Language...

4.9 CVSS | 5.8 AI score | 0.00061 EPSS
Exploits: 0 | References: 7
CNNVD
added 2026/05/25 12:0 a.m. | 6 views

GNU LibreDWG buffer error vulnerability

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A buffer error vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from an out-of-bounds read in the bitconvertTU function of the programs/dwggrep.c file in the Dwggrep Utili...

4.8 CVSS | 6.2 AI score | 0.00014 EPSS
Exploits: 0 | References: 7
Tenable Nessus
added 2026/05/25 12:0 a.m. | 17 views

RockyLinux 8 : kernel (RLSA-2026:19666)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19666 advisory. kernel: Fragnesia is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel...

7.8 CVSS | 6.1 AI score | 0.00254 EPSS
Exploits: 12 | References: 5
OSSF Malicious Packages
added 2026/05/24 11:11 a.m. | 7 views

Malicious code in @jonusnattapong/claudecode (npm)

Source: amazon-inspector 8a08b3e13079279fb9dce40859dd868b0953bec139996eb7ac915a7dc415b29c. Package is a third-party reconstruction of Anthropic's Claude Code CLI that misrepresents itself as the official product. package.json describes itse...

5.9 AI score
Exploits: 0 | References: 1
EUVD
added 2026/05/24 3:15 a.m. | 7 views

EUVD-2026-31565

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.16. This vulnerability affects the function isblockeddevice of the file tools/filetools.py of the component readfile Tool. Performing a manipulation results in path traversal. The attack may be initiated remotely. The...

6.9 CVSS | 6.2 AI score | 0.00116 EPSS
Exploits: 0 | References: 4
ATTACKERKB
added 2026/05/24 3:15 a.m. | 12 views

CVE-2026-9351

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.16. This vulnerability affects the function isblockeddevice of the file tools/filetools.py of the component readfile Tool. Performing a manipulation results in path traversal. The attack may be initiated remotely. The...

6.9 CVSS | 6.2 AI score | 0.00116 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/05/24 12:15 a.m. | 4 views

CLSA-2026-1779581754 tigervnc: Fix of CVE-2026-34000

CVE-2026-34000: widen bounds check in CheckSetGeom to cover both key alias names 2 XkbKeyNameLength and prevent out-of-bounds read of uninitialized memory in XkbAddGeomKeyAlias...

9.1 CVSS | 5.8 AI score | 0.00027 EPSS
Exploits: 0 | References: 1
Redos
added 2026/05/24 12:0 a.m. | 7 views

ROS-20260524-73-0032

A vulnerability in the vim text editor is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.6 CVSS | 6.2 AI score | 0.00005 EPSS
Exploits: 0
Redos
added 2026/05/24 12:0 a.m. | 13 views

ROS-20260524-73-0016

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9 CVSS | 7.2 AI score | 0.00021 EPSS
Exploits: 0
Positive Technologies
added 2026/05/24 12:0 a.m. | 5 views

PT-2026-45893

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=515663946 Crash type: Container-overflow READ 1 Crash state: OpenBabel::MDLFormat::ReadV3000Block OpenBabel::MDLFormat::ReadMolecule OpenBabel::OBConversion::Read...

5.8 AI score
Exploits: 0 | References: 2
CNNVD
added 2026/05/24 12:0 a.m. | 6 views

Hermes Agent path traversal vulnerability

Hermes Agent is an AI agent tool developed by Nous Research, featuring self-learning capabilities. Versions of Hermes Agent prior to 2026.4.16 contained a path traversal vulnerability. This vulnerability originated from the isblockeddevice function in the tools/filetools.py file within the readfi...

6.9 CVSS | 6.6 AI score | 0.00116 EPSS
Exploits: 0 | References: 5
CheckPoint Security
added 2026/05/24 12:0 a.m. | 7 views

CVE-2026-48136 - Authenticated Administrator Role-Based Access Control Bypass in Compliance

Symptoms - When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain CMA can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access...

4.1 CVSS | 5.8 AI score | 0.00056 EPSS
Exploits: 0
Positive Technologies
added 2026/05/24 12:0 a.m. | 8 views

PT-2026-42907

Name of the Vulnerable Software and Affected Versions: NousResearch hermes-agent versions prior to 2026.4.17. Description: A flaw in the read file Tool within the tools/file tools.py file affects the is blocked device function. This issue allows a remote attacker to perform a path traversal, which i...

6.9 CVSS | 6.6 AI score | 0.00116 EPSS
Exploits: 0 | References: 8
Redos
added 2026/05/24 12:0 a.m. | 16 views

ROS-20260524-73-0019

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9 CVSS | 7.2 AI score | 0.00021 EPSS
Exploits: 0
OSSF Malicious Packages
added 2026/05/23 1:8 p.m. | 10 views

Malicious code in lhisp-logger (npm)

Source: amazon-inspector a9ba8f52d22e4435a81a1ffe643e4bb25b0e64fff60c585cac35c164e4ccb24f. The package is published as a generic logging library but configures a pino-loki transport whose destination defaults to...

5.8 AI score
Exploits: 0 | References: 1
OSV
added 2026/05/23 6:0 a.m. | 11 views

RLSA-2026:19664 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in th...

7.8 CVSS | 6.1 AI score | 0.00254 EPSS
Exploits: 12 | References: 3
OSV
added 2026/05/23 6:0 a.m. | 10 views

RLSA-2026:19666 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-46300 kernel: Read root-owned fil...

7.8 CVSS | 6.1 AI score | 0.00254 EPSS
Exploits: 12 | References: 3
OSV
added 2026/05/23 12:28 a.m. | 4 views

CLSA-2026-1779496075 vim: Fix of CVE-2026-45130

CVE-2026-45130: fix heap buffer overflow in readcompound in src/spellfile.c...

6.6 CVSS | 6 AI score | 0.00004 EPSS
Exploits: 1 | References: 1
Snyk
added 2026/05/22 11:49 p.m. | 8 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the core sequence parsing process. An attacker can cause a crash or denial of service by providing a specially crafted HEIF file that manipulates the stco.entrycount, saio.entrycount, and saiz.samplecount values to...

7.1 CVSS | 5.8 AI score | 0.00041 EPSS
Exploits: 1 | References: 2
Snyk
added 2026/05/22 11:49 p.m. | 8 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the SampleAuxInfoReader constructor when parsing a specially crafted HEIF sequence file containing a saiz box that declares more samples than exist in the track's chunk table. An attacker can cause a heap buffer...

8.1 CVSS | 5.9 AI score | 0.00042 EPSS
Exploits: 1 | References: 2