EUVD-2026-37893

Docker Sandboxes sbx blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart-surviving sandbox forwards ICMP to arbitrary hosts. A workload inside a sandbox, which the threat...

CVE-2026-42176 Scoold: Persistent Admin Takeover by Overwriting the admins Configuration Setting via Forged JWT (missing `jti` validation)

Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.67.0, Scoold allows the admins configuration value to be modified through /api/config/set/admins with a forged Bearer token that is accepted as an admin API token. Once that setting is changed, the target email address...

Mozilla: Denial of Service via window.print

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a website called window.print causing a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings...

Mozilla: Denial of Service via window.print

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a website called window.print causing a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings...

Mozilla: Denial of Service via window.print

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a website called window.print causing a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings...

New iPhone malware spies via camera when device appears off

When removing malware from an iOS device, it is said that users need to restart the device to clear the malware from memory. That is no longer the case. Security researchers from ZecOps have created a new proof-of-concept PoC iPhone Trojan capable of doing "fun" things. Not only can it fake a...