CVE-2026-9162

Mattermost vulnerability CVE-2026-9162 affects Mattermost versions 11.7.x ≤ 11.7.0, 11.6.x ≤ 11.6.2, 11.5.x ≤ 11.5.5, 10.11.x ≤ 10.11.17. The issue: global session revocation does not invalidate cached authentication state for active WebSocket connections, allowing a user with an existing WebSock...

WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection

WordPress Visitor Statistics Real Time Traffic plugin before 4.8 does not properly sanitize and escape the refUrl in the refDetails AJAX action, which is available to any authenticated user. This could allow users with a role as low as subscriber to perform SQL injection attacks. id: CVE-2021-247...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHSA-2026:27354 Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Bulletin has no description...

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2026-56208

A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...

Chromium: CVE-2026-12466 Heap buffer overflow in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-12466

A heap buffer overflow flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520199394...

CVE-2026-12461

An out of bounds read flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517727318...

CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

EUVD-2026-37894

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

EUVD-2026-37756

Integer Underflow Wrap or Wraparound vulnerability in RTI Connext Micro Core Libraries allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0...

EUVD-2026-37753

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Web Integration Service allows Filter Failure through Buffer Overflow.This issue affects Connext Professional: from 7.4.0 before 7., from 7.0.0 before 7.3.1.3, from 6.1.2 before 6.1...

EUVD-2026-37770

Heap-based Buffer Overflow vulnerability in RTI Connext Professional Core Libraries allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3., from 5.0.0...

CVE-2026-12447

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-12466

Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVE-2026-12461

CVE-2026-12461 affects Google Chrome on Windows, with an out-of-bounds read in WebRTC present in versions prior to 149.0.7827.155. The vulnerability could allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. Mitigation is to update Chrome to 149....

CVE-2026-12447

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...