1553 matches found
EUVD-2026-40884
UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte network-supplied reasonLen field type CARD32 is passed as reasonLen+1 to CheckBufferSize. Because both...
CVE-2026-7838
UltraVNC viewer up to 1.8.2.2 is affected by an integer overflow leading to a heap buffer overflow in the RFB failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte reasonLen field is used as reasonLen+1 in CheckBufferSize(); with unsigned 32-bit operands, reasonLen 0xFFFFFF...
CVE-2026-7838 UltraVNC viewer heap buffer overflow via integer overflow in RFB connection-failure reason length
UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte network-supplied reasonLen field type CARD32 is passed as reasonLen+1 to CheckBufferSize. Because both...
CVE-2026-53091
The CVE-2026-53091 issue concerns the Linux kernel’s handling of GSO packet headers during qdisc_pkt_len_segs_init(). The root cause is that many ndo_start_xmit() paths assume headers are already in skb->head, while tso_build_hdr() may copy from skb->data, and qdisc_pkt_len_segs_init() diss...
PT-2026-51985
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the handling of Generic Segmentation Offload GSO packet headers. The qdisc pkt len segs init function fails to properly pull headers into the expected memory location,...
GHSA-VM85-HXW5-5432 guzzlehttp/psr7: CRLF Injection in HTTP Start-Line Serialization
Impact guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request method, protocol version, and response reason phrase. If an application placed attacker-controlled data into one of those fields and later serialized the PSR-7 message as raw HTTP/1.x...
ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`
A flaw was found in ws, an open source WebSocket client and server for Node.js. The websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memor...
CVE-2026-47188
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban and /unwarn still echo user-controlled reason text in public bot messages without allowedMentions. A...
CVE-2026-47188
Quest Bot is an open‑source Discord bot for moderation. CVE-2026-47188 describes a vulnerability in versions prior to 1.0.5 where the /unban and /unwarn commands echo user-provided reason text in public bot messages without respecting allowedMentions, enabling mass pings via @everyone or @here. I...
CVE-2026-47175 Quest Bot: Moderation reason fields allow bot-powered `@everyone` / `@here` pings
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies without disabling mention parsing. A moderator who does not have permission to mention everyone can...
CVE-2026-47173 Quest Bot: Ticket reason allows mass-mention injection
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a ticket with a reason containing @everyone, @here, user mentions, or role mentions. When the ticket is created, the bot posts the attacker-controlled reason...
CVE-2026-9015
The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
CVE-2026-45736
A flaw was found in ws, an open source WebSocket client and server for Node.js. The websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memor...
PT-2026-46907
CVE-2026-42029 - Vendor Product: Vulnerability Type CVE ID :CVE-2026-42029 Published : June 2, 2026, 10:16 p.m. | 36 minutes ago Description :Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...
CVE-2026-9015
The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
PT-2026-44220
The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Added bpfprogrundatapointers syzbot found that clsbpfclassify can change tcskbcbskb-dropreason, triggering a warning in skskbreasonDrop. WARNING: CPU: 0, PID: 5965, at net/core/skbuff.c:1192 skskbreasonDrop,...
Astra Linux – Vulnerability in rabbitMQ-server
Pivotal RabbitMQ versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, as well as RabbitMQ for Pivotal Platform versions 1.16.x prior to 1.16.7 and 1.17.x prior to 1.17.4, contain a web management plugin that is vulnerable to a denial-of-service attack. The “X-Reason” HTTP header can be...
ws: Uninitialized memory disclosure
Impact The websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. Proof of concept js import deepStrictEqual from 'node:assert'; import WebSocket, WebSocketServer from 'ws'; const wss = new WebSocketServer port: 0,...
GHSA-58QX-3VCG-4XPX ws: Uninitialized memory disclosure
Impact The websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. Proof of concept js import deepStrictEqual from 'node:assert'; import WebSocket, WebSocketServer from 'ws'; const wss = new WebSocketServer port: 0,...