1614 matches found
EUVD-2025-210213
In multiple functions of btmsec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
PT-2026-50601
Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.7.5 Description A Deno program opening a client WebSocket connection can be crashed by a remote server. During the WebSocket handshake response, Deno parsed the 'Sec-WebSocket-Protocol' and 'Sec-WebSocket-Extensions'...
UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`
Summary A regular expression denial-of-service ReDoS vulnerability has been discovered in ua-parser-js when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParserheaders.withClientHints, an attacker can cause the parser to spend excessive CPU...
PT-2026-49551
Summary A regular expression denial-of-service ReDoS vulnerability has been discovered in ua-parser-js when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParserheaders.withClientHints, an attacker can cause the parser to spend excessive CPU...
CVE-2026-54359
The CVE-2026-54359 entries describe an insecure default in MISP where Security.check_sec_fetch_site_header is disabled, allowing CSRF-like abuse where a remote unauthenticated attacker could induce an authenticated user’s browser to issue state-changing requests (POST/PUT/AJAX) to MISP automation...
CVE-2026-5067
A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the...
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
CVE-2026-41032 Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers
It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...
CVE-2026-41032 Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers
It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...
CVE-2026-10189
A vulnerability has been found in Tenda W12 3.0.0.74763. This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to t...
SEC-Bench Pro: Can Language Models Solve Long-Horizon Software Security Tasks?
Large language models LLMs now support automated software security tasks, including vulnerability discovery and proof-of-concept PoC generation. Existing benchmarks do not faithfully evaluate LLMs in real-world bug hunting scenarios because they rely on fuzzing harnesses, target-specific...
CVE-2026-40864
JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection updated in 4.1.0 inappropriately treated requests with Sec-Fetch-Mode: no-cors as same-origin requests, bypassing XSRF checks. The JSON API is not affecte...
JupyterHub 跨站请求伪造漏洞
JupyterHub is an open-source service designed for multi-user environments using Jupyter. Versions 4.1.0 to 5.4.4 of JupyterHub contain a cross-site request forgeing vulnerability. This vulnerability arises from the improper handling of XSRF protections, which mistakenly treat requests with the...
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-websocket-extensions (UTSA-2026-016659)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016659 advisory. websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a head...
MAL-2026-4432 Malicious code in @sec-loans-ui/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da55a9be9d9f90abe00e16200ea17aa78f58643e40d872d04276453dfd8a88f9 Package is a hollow lure: index.js is a 35-byte stub module.exports = , description and author are empty, and the version is bumped to 99.9.1 — the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – Do not sleep when in softirq When the kunpeng920 encryption driver is used to deencrypt and decrypt packets during softirq, it is not allowed to use a mutex lock. The kernel will report the following error...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – fixed the aead software fallback for the engine. Due to the misuse of the subreq pointer, private context memory was affected. The aead software-related crypto function occasionally causes the operating...
POC
POC RBKD-SEC: Team-based PoC for vulnerability verification...
OESA-2026-2257 krb5 security update
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Security Fixes: In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext...
OCSP stapling bypass with Apple SecTrust
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...