CVE-2026-37554

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

PT-2026-36495

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service can be triggered through the manipulation of the amf nudm sdm handle provisioned function located in the /src/amf/nudm-handler.c file within the AMF component...

PT-2026-36531

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get style guide/get best practices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public a...

PT-2026-36536

Name of the Vulnerable Software and Affected Versions astro-mcp-server versions prior to 1.1.2 Description A flaw in the MCP Tool Query Construction component, specifically within a function in the src/index.ts file, allows for remote SQL injection. This occurs when the request.params.arguments...

EUVD-2026-26465

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2026-7501

A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2026-7501

The CVE pertains to LinkStackOrg LinkStack (up to version 4.8.6). The vulnerability affects the editPage function in app/Http/Controllers/UserController.php, caused by manipulation of the pageDescription argument which enables cross-site scripting. Exploitation is possible remotely and public exp...

JLSEC-2026-367 A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the...

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiate...

JLSEC-2026-373

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

JLSEC-2026-366 A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the...

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

CVE-2026-21728

A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service DoS by impacting the availability of the service...

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

SUSE CVE-2026-7340

Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

PT-2026-36258

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

EUVD-2026-26298

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

CVE-2026-7417

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhspublishcontent of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument mediapaths results in server-side request forgery. The attack may be initiated remotely...

CVE-2026-7417

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhspublishcontent of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument mediapaths results in server-side request forgery. The attack may be initiated remotely...

GHSA-3JMQ-QHG3-F58J mcpo-simple-server has a Path Traversal issue

A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function deletesharedprompt of the file src/mcposimpleserver/services/promptmanager/basemanager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate t...

CVE-2026-7404 getsimpletool mcpo-simple-server base_manager.py delete_shared_prompt path traversal

A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function deletesharedprompt of the file src/mcposimpleserver/services/promptmanager/basemanager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate t...