CVE-2026-45447

OpenSSL CVE-2026-45447: A use-after-free in PKCS7_verify() can occur when processing PKCS#7/S-MIME SignedData with an empty digestAlgorithms ASN.1 SET, causing the caller-owned BIO to be freed incorrectly and potentially leading to a crash, heap corruption, or remote code execution. Affected: Ope...

CVE-2026-9213 Insufficient input validation in certain NETGEAR routers

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device...

CVE-2026-9213 Insufficient input validation in certain NETGEAR routers

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device...

CVE-2026-0409

Summary: CVE-2026-0409 affects NETGEAR Orbi 370 series devices prior to version 12.1.2.7. A remote attacker who can intercept and tamper with traffic between the router and the Internet can trigger a remote command execution when the device administrator performs certain management actions. This ...

CVE-2026-0409 Netgear Orbi 370 Series Remote Code Execution vulnerability

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

CVE-2026-9279

Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to childprocess.spawn with the shell: true option, allowing shell...

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

CVE-2026-10520

CVE-2026-10520 affects Ivanti Sentry prior to R10.5.2, R10.6.2 and R10.7.1. It is an OS Command Injection vulnerability that allows a remote unauthenticated user to achieve root-level remote code execution (CVSS v3.1: 10.0, critical, network access, no user interaction). Remediation: upgrade to t...

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Windows Media Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...

Description of the security update for Excel 2016: June 9, 2026 (KB5002877)

Description of the security update for Excel 2016: June 9, 2026 KB5002877 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following security...

DHCP Client Service Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network...

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Windows NTFS Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...

Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 (KB5002873)

Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 KB5002873 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...

Description of the security update for Office 2016: June 9, 2026 (KB5002852)

Description of the security update for Office 2016: June 9, 2026 KB5002852 Summary This security update resolves a Microsoft Office Remote Code Executionvulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2026-45645. Note: To apply this...

Description of the security update for Office Online Server: June 9, 2026 (KB5002875)

Description of the security update for Office Online Server: June 9, 2026 KB5002875 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following securi...