1073 matches found
CVE-2026-34021
The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...
CVE-2026-34069
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...
CVE-2025-15653
Dräger Zeus Infinity Empowered Zeus IE and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to...
CVE-2025-15653
The affected products are Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations. The vulnerability is a local privilege escalation via unprotected USB interfaces that attackers with physical access can exploit to compromise software integrity. Reported impact includes ...
PT-2026-45864
Name of the Vulnerable Software and Affected Versions: Dräger Zeus Infinity Empowered Zeus IE (affected versions not specified); Dräger Zeus RS C500 (affected versions not specified). Description: A local security issue exists in anesthesia workstations that allows unauthorized individuals with physical...
PT-2026-42534
Name of the Vulnerable Software and Affected Versions: Kata Containers runtime-rs versions prior to 3.31.0. Description: A symlink escape exists when virtiofsd is run as root with the flags --sandbox none and --seccomp none. A raw FUSE SYMLINK request allows a guest root user to create symlinks owne...
hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
The NSEC3 closest-encloser proof validation in hickory-proto's 0.25.0-alpha.3 ... 0.25.2 and hickory-net's 0.26.0-alpha.1 .. 0.26.0 DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fixed potential out-of-bounds access due to an invalid rxstatus->rs_keyix parameter. The rxstatus->rs_keyix parameter is eventually passed to test_bit(), so we need to ensure that it is within the allowed range of the bitmap...
annatar (>=0.4.3 <=0.5.8), ansi2png-rs (>=0.1.0 <=0.1.1) +62 more potentially affected by unknown CVE via imageproc (>=0.10.0 <=0.22.0)
imageproc CARGO version =0.10.0, =0.4.3, =0.1.0, =0.2.0, =0.1.5, =0.1.0, =0.1.0, =1.0.0, =0.3.0, =0.1.0, =0.1.0, =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0117...
CVE-2026-27843
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can...
RS Studio Lagom WHMCS Template security vulnerability
RS Studio Lagom WHMCS Template is a website template and front-end theme developed by the Polish company RS Studio. Versions of the RS Studio Lagom WHMCS Template prior to version 2.4.2 contained security vulnerabilities, which were caused by incorrect handling of the Datatables component. These...
GHSA-XGP8-3HG3-C2MH vulnerabilities
Vulnerabilities for packages: zellij, ntpd-rs, wasmtime, deno, sccache, buck2, sqlx, cargo-audit, rye, wasmcloud, tealdeer, wasm-pack, lychee, ztunnel, samply, zola, py3-xet-core, atuin, pixi, qdrant, parseable, uv, berg, linkerd2-proxy, linkerd-network-validator, zizmor, linkerd-extension-init,...
GHSA-965H-392X-2MH5 vulnerabilities
Vulnerabilities for packages: py3-xet-core, kdash, wasmcloud, qdrant, shadowsocks-rust, wasm-pack, zizmor, ztunnel-fips, asciinema, zellij, linkerd-network-validator, xh, berg, linkerd2-proxy, lychee, fnm, atuin, sentry-cli, cargo-audit, lakekeeper, ztunnel, uv, parseable, tealdeer, deno, ntpd-rs...
GHSA-XGP8-3HG3-C2MH vulnerabilities
Vulnerabilities for packages: py3-xet-core, kdash, wasmcloud, qdrant, shadowsocks-rust, wasm-pack, zizmor, ztunnel-fips, asciinema, zellij, linkerd-network-validator, xh, berg, linkerd2-proxy, lychee, fnm, atuin, sentry-cli, cargo-audit, lakekeeper, ztunnel, uv, parseable, tealdeer, deno, ntpd-rs...
charms-sdk (>=0.3.0 <=0.6.3), kzg-rs (>=0.2.3-sp1-4.0.0 <=0.2.5) +77 more potentially affected by unknown CVE via p3-symmetric (>=0.1.0 <=0.4.3)
p3-symmetric CARGO version =0.1.0, =0.3.0, =0.2.3-sp1-4.0.0, =0.20.0, =0.11.0, =5.2.2, =5.2.5, =5.2.2, =0.1.0, =0.4.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.4.3-succinct and more Source cves: unknown CVE Source advisory: OSV:GHSA-3G92-F9CH-QJCM...
Ubuntu: Security Advisory (USN-8138-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8138-2: tar-rs vulnerability
USN-8138-1 fixed a vulnerability in tar-rs. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a speciall...
USN-8138-2 rust-tar vulnerability
USN-8138-1 fixed a vulnerability in tar-rs. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a speciall...
USN-8168-2 rustc, rustc-1.76, rustc-1.77, rustc-1.78, rustc-1.79, rustc-1.80 vulnerability
USN-8168-1 fixed a vulnerability in Rust. This update provides the corresponding update to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archiv...