CVE-2026-1585

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

CVE-2026-28407

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

CVE-2026-28407

CVE-2026-28407 affects malcontent (software for supply‑chain analysis). Prior to version 1.21.0, it could drop or discard nested archives that failed to extract, potentially omitting content from scans. The root cause is the removal of nested archives during processing. Version 1.21.0 fixes the i...

CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

CVE-2026-1585

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

Berry 缓冲区错误漏洞

Berry is a programming language open source by berry-lang. Versions of Berry 1.1.0 and earlier have a buffer error vulnerability, which stems from incorrect operations on the function scanstring in the file src/belexer.c. This vulnerability may lead to out-of-bounds reading...

PT-2026-22289

A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scan string of the file src/be lexer.c. This manipulation causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name:...

Canon IJ Scan Utility 安全漏洞

Canon IJ Scan Utility is a scanner management software developed by the Japanese company Canon. Versions 1.1.2 to 1.5.0 of Canon IJ Scan Utility contain security vulnerabilities. These vulnerabilities stem from the unquoted Windows service executable path, which may allow local attackers to execu...

PT-2026-22408

Name of the Vulnerable Software and Affected Versions malcontent versions prior to 1.21.0 Description malcontent is software designed for identifying supply-chain compromises using context, differential analysis, and YARA. Before version 1.21.0, the software removed nested archives that failed to...

CVE-2026-1585

The CVE-2026-1585 entry concerns an unquoted Windows service executable path in Canon IJ Scan Utility for Windows (versions 1.1.2–1.5.0), enabling a local attacker to run a malicious file with the service’s privileges. Affected component: the Windows service responsible for IJ Scan Utility. Root ...

CVE-2026-1585

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

CVE-2026-1585

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

CVE-2026-1585

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

PT-2026-22229

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

CVE-2026-27967

Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...

ElysiumVanguard

🌌 Elysium Vanguard: TITAN v13.0 Hardware-Bridged Kernel E...

389-ds-base security update

2.7.0-10 - Resolves: RHEL-123243 - Attribute uniqueness is not enforced upon modrdn operation rhel-9.7.z - Resolves: RHEL-123765 - 389-ds-base OpenScanHub Leaks Detected rhel-9.7.z - Resolves: RHEL-137083 - CVE-2025-14905 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via...

Cloud Based WAF Upload Scan and Control: The New Standard for File Upload Security

We're excited to announce the launch of Upload Scan and Control, an essential new feature for Imperva Cloud WAF. This add-on tackles one of the most critical vulnerabilities facing web applications today—insecure file uploads—offering protection with scalability, simplicity, and enterprise-grade...