EUVD-2026-38021

A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 and R2 that could allow unauthorized access to attachment files due to insufficient access control...

PT-2026-50881

Name of the Vulnerable Software and Affected Versions FlexNet Manager Suite 2025 R1 Description An issue exists where an authenticated user with read-only access to account settings can escalate their privileges to the Administrator level. Recommendations At the moment, there is no information...

CVE-2026-12289

CVE-2026-12289 describes a privilege-escalation vulnerability in the Graphics: WebRender component. The public description and connected advisories indicate this affects Mozilla Firefox and Thunderbird products, with fixes shipped in: Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbi...

CVE-2026-21012

External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege...

CVE-2026-21003

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVE-2026-21028

Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...

EUVD-2026-34797

Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...

CVE-2026-21017

Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...

EUVD-2026-29902

Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier...

CVE-2026-21016

Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. Versions before Samsung Mobile Devices SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities were due to improper permission allocatio...

PT-2026-40573

Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release

The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

EUVD-2026-21816

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVE-2026-21008

Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information...

CVE-2026-21007

Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard...

PT-2026-32266

Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information...

CLEANSTART-2026-JF28061 Security fixes for CVE-2026-24051, CVE-2026-26958, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3 applied in versions: 2.19.0-r0, 2.19.0-r1

Multiple security vulnerabilities affect the keda package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-20992

Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application...