EUVD-2026-2228

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...

EUVD-2026-2237

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin...

EUVD-2026-2248

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

EUVD-2026-2264

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

EUVD-2026-2285

In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...

EUVD-2026-2297

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtvchannelsiinit creates a temporary list program, service, event and ownership of the memory itself is transferred to the PAT/SDT/EIT tables through...

EUVD-2026-2334

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2findvictimchain syzbot reported a kernel BUG in ocfs2findvictimchain because the clnextfreerec field of the allocation chain list next free slot in the chain list is 0, triggring the...

EUVD-2026-2369

Not used...

EUVD-2026-2389

SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability...

EUVD-2026-2400

EUVD-2026-2400...

EUVD-2026-2220

In Eptura Archibus 2024.03.01.109, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to directory traversal...

EUVD-2026-1948

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...

EUVD-2026-1744

The Contact Form vCard Generator plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wpgvccfcheckdownloadrequest' function in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to export sensitive...

EUVD-2026-1759

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...

EUVD-2026-1765

The Nearby Now Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'datatech' parameter of the nn-tech shortcode in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

EUVD-2026-1805

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on multiple AJAX actions in all versions up to, and including, 1.2.38. This makes it possible for unauthenticated attackers to mark payments as...

EUVD-2026-1783

Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock...

EUVD-2026-1721

An issue in Hero Motocorp Vida V1 Pro 2.0.7 allows a local attacker to cause a denial of service via the BLE component...

EUVD-2026-1512

This vulnerability allows a Backup or Tape Operator to perform remote code execution RCE as root by creating a malicious backup configuration file...

EUVD-2026-1556

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...