17024 matches found
EUVD-2026-40571
Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
PT-2026-54674
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An inappropriate implementation in the V8 engine allows a remote attacker to execute arbitrary code within a sandbox by inducing a user to visit a specially crafted HTML page. V8 is the...
CVE-2026-51947
CVE-2026-51947 affects Pivotal CRM 6.6.4.08 and systems applying patch-ghi-15381-cwe-502-20251225.zip. The vulnerability arises from an incomplete fix for CVE-2026-39253 in the Pivotal.Engine.Client.Services.Conversion.dll, enabling remote code execution via network access. The issue is fixed in ...
CVE-2026-56413 OS Command Injection in StoneFly Storage Concentrator
Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...
CVE-2026-13967
The CVE-2026-13967 entry concerns a heap buffer overflow in V8 (Chrome) prior to version 150.0.7871.47. A crafted HTML page could allow a remote attacker to execute arbitrary code inside the browser sandbox. The issue is reported with a Chromium severity of Medium and a CVSS base score of 8.8 (Hi...
CVE-2026-13965
Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13830
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: High...
EUVD-2026-40377
Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...
mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer
A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...
PT-2026-54006
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.28 Description The software fails to detect malicious pickle files that utilize the torch.utils.collect env.run function within reduce methods. This allows attackers to embed hidden code in pickle files, which...
PT-2026-53976
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An HTML injection flaw allows a remote attacker to inject malicious HTML code. When this code is viewed, it is executed in the victim's web browser within the security...
PT-2026-54383
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue in PDFium allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted PDF file. Use after free is a memory corruption flaw th...
PT-2026-54366
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue in DevTools allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory corruption flaw...
PT-2026-53943
Name of the Vulnerable Software and Affected Versions IBM WebSphere Extreme Scale versions 8.6.1.0 through 8.6.1.6 Description The Object Query Language OQL engine resolves class names provided by an attacker using Class.forName and invokes their constructors without an allow-list at three sinks:...
PT-2026-53941
Name of the Vulnerable Software and Affected Versions Orkes Conductor versions 3.21.21 through 3.30.1 Description An unauthenticated remote code execution issue exists that allows remote attackers to execute arbitrary OS commands. This occurs when malicious JavaScript or Python expressions are...
CVE-2026-13751
Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...
CVE-2026-13590
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
PYSEC-2026-519 Ray OS Command Injection vulnerability
A command injection exists in Ray's cpuprofile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication...
PYSEC-2026-296 Insecure deserialization in BentoML
An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...
PYSEC-2026-543 Hugging Face smolagents: Unsafe deserialization in Remote Python Executor leads to RCE
Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication is not required to exploit this...