CVE-2026-10188

A flaw has been found in Tenda W12 3.0.0.74763. This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2026-10187

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

CVE-2026-7195

CVE-2026-7195 affects Progress Sitefinity web services. The issue is CWE-20: Improper Input Validation in Sitefinity versions 14.1.x–14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630. A ...

MGASA-2026-0170 Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

CVE-2026-10127

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has...

CVE-2026-10565

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmmstatesecuritymode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack...

EUVD-2026-33818

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

PT-2026-45683

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm state security mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Paint policy, allowing remote attackers to bypass the same-origin policy...

PT-2026-45886

Name of the Vulnerable Software and Affected Versions johnhuang316 code-index-mcp versions prior to 2.14.1 Description A weakness exists in the is safe regex pattern function within the search code advanced component. A remote attacker can manipulate the regex argument to cause inefficient regula...

PT-2026-46693

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in SVG allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across different origins, by usin...

PT-2026-46521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient data validation in the Animation component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

PT-2026-46758

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in TabGroups allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, via malicious...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Actor component’s ability to reuse resources after release, potentially allowing remote attackers to execute...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from improper implementations in the Password Manager. Remote attackers could exploit this vulnerability through specially crafte...

PT-2026-46718

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds memory access issue exists in ANGLE, a compatibility layer between OpenGL ES and native graphics APIs. This flaw allows a remote attacker to potentially perform out of...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in ServiceWorkers, which could allow remote attackers to exploit the vulnerability through...

PT-2026-46410

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out-of-bounds read and write issue exists in the ANGLE graphics engine. This flaw allows a remote attacker to potentially perform a sandbox escape and execute code on the operating...

Dräger Infinity Acute Care System和Dräger Standalone Infinity M540 patient monitor 数据伪造问题漏洞

The Dräger Infinity Acute Care System and the Dräger Standalone Infinity M540 patient monitor are both products of the German company Dräger. The Dräger Infinity Acute Care System is an emergency monitoring platform that integrates patient monitoring, clinical workstations, and medical informatio...

Apache httpd -- DoS exploit in HTTP/2

Calif security reports: Remote DoS in modhttp2...