OSV-2026-752 Heap-buffer-overflow in Mat_VarGetStructsLinear
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513434228 Crash type: Heap-buffer-overflow WRITE 8 Crash state: Mat_VarGetStructsLinear matiostructcellfuzzer.cpp...
PT-2026-41572
Name of the Vulnerable Software and Affected Versions: xiandafu beetl versions prior to 3.20.3. Description: Improper neutralization of special elements in an expression language statement allows for remote exploitation. The issue exists within the SpELFunction component, specifically in an unknown...
PT-2026-41537
A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available...
PT-2026-41626
CVE-2025-70563 Full disclosure https://t.co/NYn5GJR8kA...
PT-2026-41538
A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...
OSV-2026-750 Heap-buffer-overflow in MqttDecode_Props
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513047073 Crash type: Heap-buffer-overflow READ 1 Crash state: MqttDecode_Props MqttDecode_Disconnect MqttClient_DecodePacket...
OSV-2026-748 Heap-buffer-overflow in p11_lexer_next
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513102821 Crash type: Heap-buffer-overflow READ 2 Crash state: p11_lexer_next p11_persist_read p11_parser_format_persist...
OSV-2026-747 Heap-buffer-overflow in coap_persist_startup_lkd
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513035615 Crash type: Heap-buffer-overflow READ 8 Crash state: coap_persist_startup_lkd persist_target.c...
OSV-2026-743 UNKNOWN READ in persist_target.c
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513282269 Crash type: UNKNOWN READ Crash state: persist_target.c...
[SECURITY] Fedora 44 Update: rsync-3.4.1-7.fc44
Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...
Vulnerability-Scanner-using-Ollama-3-
Vulnerability Scanning & Exploitation Toolkit A Python-based...
CVE-2021-47967 PHP Timeclock 1.04 Multiple Cross-Site Scripting via Parameters
PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can append malicious payloads to login.php, timeclock.php, audit.php, and timerpt.php endpoints, o...
CVE-2021-47967
CVE-2021-47967 affects PHP Timeclock 1.04 with multiple cross-site scripting (XSS) vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can target login.php, timeclock.php, audit.php, and timerpt.php endpoints...
X-Omega-Hack
X-Omega-Hack X-Omega-Hack v9.0 - All-in-one hacking tool for...
CVE-2026-8554
A type confusion flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499131214...
CVE-2026-44088
creationtimestamp| type| source
---|---|---
2026-05-15 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-44088
2026-05-15 11:26:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlv7x6j6yd2e...
PT-2026-41417
Claude Mythos Preview case studies also, read your transcripts! https://t.co/drNlAH5mLE "Mythos demonstrates its bug reproduction and exploitation capabilities on CVE-2024-051912, an in-the-wild exploited bug that has no public report nor a working PoC whatsoever in the public domain. This bug ha...
Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access)
Summary: The POST /api/v1/notes/id/pin endpoint performs a write operation toggling the ispinned field but only checks for read permission. Users with read-only access to a shared note can pin/unpin it, which is a state-modifying action that should require write permission. All other write endpoin...
CVE-2026-42159
creationtimestamp| type| source
---|---|---
2026-05-14 17:59:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mltfhkplug2k...