Siemens SIMATIC S7-1500 TM MFP NULL Pointer Dereference (CVE-2026-28390)

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23228)

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of activenumconn in ksmbdtcpnewconnection On kthreadrun failure in ksmbdtcpnewconnection, the transport is freed via freetransport, which does not decrement activenumconn, leaking this counter. Replace...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23037)

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: allow partial RX URB allocation to succeed When es58xallocrxurbs fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58xopen to return early,...

Mattermost Server 10.11.x < 10.11.14 / 11.4.x < 11.4.4 / 11.5.x < 11.5.2 Vulnerability (MMSA-2026-00597)

The version of Mattermost Server installed on the remote host is affected by a vulnerability: - Mattermost fails to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate...

Mattermost Desktop 5.13.x < 5.13.6 / 6.x < 6.2.0 Multiple Vulnerabilities (MMSA-2026-00651 / MMSA-2026-00652)

The version of Mattermost Desktop installed on the remote host is affected by multiple vulnerabilities: - Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a...

Squid < 7.6 Heap-based Buffer Overflow

The version of Squid on the remote host is prior to 7.6. It is, therefore, affected by a heap-based buffer overflow vulnerability: - Due to an Improper Input Validation bug, Squid is vulnerable to a Heap-based Buffer Overflow attack against cache digests. This problem allows a trusted server to...

RHEL 8 : firefox (RHSA-2026:26630)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26630 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

Devolutions Server <= 2026.1.21 / 2026.2.0 <= 2026.2.5 Multiple Vulnerabilities (DEVO-2026-0017)

The version of Devolutions Server installed on the remote host is prior or equal to 2026.1.21 or 2026.2.0 prior or equal to 2026.2.5. It is, therefore, affected by multiple vulnerabilities, including: - Improper access control in PAM account discovery results in Devolutions Server 2026.2.5,...

PT-2026-50646

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to stored Cross-Site Scripting in the Personal File Storage PFS module. A folder title pff title is imported with the 'TXT' filter, which does not strip or encode HTML the tag check in cot import is disabled, so an authenticated user can...

D-Link DSL2600U Rule-Based IoT Intrusion Detection System

This is a IoT attack detection script that monitors HTTP request behavior to identify potentially malicious activity against devices such as routers or embedded systems...

PT-2026-50825

Summary signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery SSRF vulnerability in three administrative endpoints used for remote Signal K server connection management. The makeRemoteRequest function accepts attacker-controlled host, port, useTLS, and...

PT-2026-50721

TL;DR This vulnerability affects Kirby sites that use the writer field in any blueprint. It was possible to include a scripting link as the target of a link or email link. This link target would then be clickable by the user who entered it. A successful attack commonly requires knowledge of the...

PT-2026-50816

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 1.0 through 9.15 Description An issue exists in the named restore point endpoint 'POST /browser/server/restore point/gid/sid' where the user-supplied value field is interpolated directly into the SQL string using str.format...

Unquoted Service Path Detection and Remediation Tool for Windows

This PowerShell script is a comprehensive security auditing tool designed to detect and fix unquoted service path vulnerabilities in Windows services...

PT-2026-50734

Name of the Vulnerable Software and Affected Versions http-proxy-middleware versions 0.16.0 through 2.0.9 http-proxy-middleware versions 3.0.0 through 3.0.5 http-proxy-middleware versions 4.0.0 through 4.0.9 Description An issue exists in the router proxy-table implementation where host+path...

389-ds:1.4 security update

1.4.3.39-24 - Bump version to 1.4.3.39-24 - Resolves: RHEL-170278 - Memory leaks in syncrepl plugin during persistent search operations rhel-8.10.z - Resolves: RHEL-163375 - WARN - keys2idl - received NULL idl from indexreadextallids - Resolves: RHEL-159306 - ns-slapd crash in libdb possible memo...

PT-2026-50634

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cf images do setup AJAX handler, which...

PT-2026-50723

TL;DR This vulnerability affects Kirby sites and plugins that use the writer or list fields or that use $dom-sanitize, Sane::sanitize, SaneHtml::sanitize, SaneSvg::sanitize, SaneXml::sanitize, Sane::sanitizeFile or $file-sanitizeContents with untrusted input. It was possible to inject malicious...

PT-2026-50727

Development Runner Telephony WebSocket /ws Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID Summary The pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without any authentication. An unauthenticated remote attacker who...

PT-2026-50729

Component: tract-nnef nnef/src/tensors.rs::read tensor + tract-data data/src/tensor.rs - Affected versions: 0.21.16, 0.22.0–0.22.2, 0.23.0–0.23.1 — the dense DatLoader path was unguarded across all three release lines; patched in 0.21.16 / 0.22.2 / 0.23.1 - Class: CWE-190 integer overflow →...