CVE-2026-46914

...

MINI-4CQH-P78X-W3GC

Bulletin has no description...

CVE-2026-45663

creationtimestamp| type| source ---|---|--- 2026-05-29 17:00:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmyz6hazlc2d...

CVE-2026-48847

Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass...

EUVD-2026-4023

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designingmedia Hostiko hostiko allows Reflected XSS.This issue affects Hostiko: from n/a through 94.3.6...

EUVD-2026-3331

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...

EUVD-2026-3417

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

EUVD-2026-3175

A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/delwork.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

EUVD-2026-2059

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a...

EUVD-2026-2125

Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack...

EUVD-2026-2205

Concurrent execution using shared resource with improper synchronization 'race condition' in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to elevate privileges locally...

EUVD-2026-2317

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 16bits "mode" field loaded from disk are corrupted. According to 1, the permissions...

EUVD-2026-1202

@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains a critical path traversal vulnerability in its "readcontent" tool. This vulnerability arises from improper symlink handling in the path validation mechanism...

EUVD-2026-0975

In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720...

EUVD-2026-0954

In mminfra, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267349; Issue ID: MSV-5033...

EUVD-2026-0092

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0371

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2026-0683

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...

EUVD-2026-0727

EUVD-2026-0727...

PT-2026-26143

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cram decode slice function called while reading CRAM records, the value of the mate reference id field was not validated. Later use of this value,...