GHSA-524G-X36V-9WM6 Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

PT-2026-44587

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue exists in ANGLE, which is a compatibility layer between OpenGL ES and native graphics APIs. This flaw allows a remote attacker to execute arbitrary code within a...

PT-2026-44559

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue exists in Views, which allows a remote attacker to execute arbitrary code. This is achieved by convincing a user to perform specific UI gestures while interactin...

PT-2026-44636

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds read in ANGLE Almost Native Graphics Layer Engine on Windows allows a remote attacker to execute arbitrary code through a crafted HTML page. Recommendations Update to...

PT-2026-44588

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds write occurs in ANGLE, which is a compatibility layer that allows OpenGL ES to run on various graphics APIs. This issue allows a remote attacker to execute arbitrary...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the ANGLE component’s ability to reuse resources after release, potentially allowing remote attackers to execute...

PT-2026-44649

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in ANGLE allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free occurs when an applicatio...

PT-2026-44161

Name of the Vulnerable Software and Affected Versions Yamcs versions 4.7.3 through 5.12.6 Description The Nashorn ScriptEngine used to evaluate user-supplied algorithm text is constructed without a ClassFilter. This allows a user with the ChangeMissionDatabase privilege to execute arbitrary Java...

PT-2026-44160

Summary The compliance-trestle library's remote fetching cache mechanism HTTPSFetcher and SFTPFetcher constructs the local cache file path from the URL path component without sanitizing path traversal sequences ../. When a remote OSCAL profile references a URL with traversal in its path, the HTTP...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of ANGLE components after their release, which could allow remote attackers to execute arbitrary code...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by integer overflow in Skia. This vulnerability could allow remote attackers to execute arbitrary code in the sandbox by using a specially crafted HT...

PT-2026-44592

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in Base allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free occurs when an application continues to use a pointer afte...

Amazon Linux 2023 : php8.5, php8.5-bcmath, php8.5-cli (ALAS2023-2026-1733)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1733 advisory. uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability, which stemmed from a reuse issue within WebXR. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox throug...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Proxy component’s ability to reuse resources after they were released, potentially allowing remote attackers...

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a race condition vulnerability, which was caused by race conditions in WebAudio. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a...

CVE-2026-36540

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skkset.cgi endpoint. The password and newpwdconfirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

PT-2026-44000

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

PT-2026-44075

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. Since the background scan daemon loads this file via Python's exec, injected code executes as the...

CVE-2026-38426

The CVE-2026-38426 issue affects Arendst Tasmota, v15.3.0.3 and earlier, via the xdrv_10_scripter.ino fetch_jpg()/jpg_task.boundary[40] path. A strcpy() overrun of boundary[40] can corrupt adjacent fields, including vtable pointers for WiFiClient/HTTPClient, enabling remote code execution on ESP3...