CVE-2025-40895

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

SUSE CVE-2026-23237

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places in the Classmate laptop driver, code using the accel object may run before that object's address is stored in the driver data of the input device usi...

PT-2026-23434

I have been running an ESP32-S3 BLE mesh network at home for about 3 months now. Six nodes tracking temperature, humidity and air quality. Using esp-idf 5.2 with deep sleep at 30 second intervals. Getting around 7.5 months battery life per node which is better than I expected. The key was...

EUVD-2025-208268

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

CVE-2026-23237

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places in the Classmate laptop driver, code using the accel object may run before that object's address is stored in the driver data of the input device usi...

CVE-2025-40895

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

CVE-2025-40895

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

CVE-2025-40895 HTML injection in Sensor Map in CMC before 25.6.0

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

CVE-2025-40895 HTML injection in Sensor Map in CMC before 25.6.0

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

CVE-2025-40895

CVE-2025-40895 describes a Stored HTML Injection in the CMC Sensor Map feature caused by improper validation of connected Guardians’ properties. An authenticated administrator on a Guardian can edit properties to inject HTML; if Sensor Map is enabled, a victim CMC user may see injected HTML when ...

Nozomi Networks CMC 跨站脚本漏洞

Nozomi Networks CMC is a network management platform developed by Nozomi Networks in the United States. Nozomi Networks CMC has a cross-site scripting vulnerability. This vulnerability stems from the improper attribute validation of connections to Guardian by the CMC Sensor Map function. It may...

PT-2026-22915

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties to inject HTML...

HTML injection in Sensor Map in CMC before 25.6.0

Summary A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on connected Guardians' properties. Impact A malicious authenticated user with administrator privileges on a Guardian connected to a CMC can edit the Guardian's properties...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005575)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005575 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is...

Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows

Secure your Windows fleet without sacrificing performance. Wiz pairs real-time threat detection with a memory-safe architecture that scales efficiently to protect your essential cloud infrastructure...

Systematic Review of Lightweight Cryptographic Algorithms

The emergence of small computing devices and the integration of processing units into everyday objects has made lightweight cryptography an essential part of the security landscape. Conventional cryptographic algorithms such as AES, RSA, and DES are unsuitable for resource-constrained devices due...

UBUNTU-CVE-2025-71198

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...

CVE-2026-23104

CVE-2026-23104 describes a Linux kernel ice driver issue where devlink reload can trigger a call trace due to mismatched cleanup of the internal hwmon state. The root cause is that ice_hwmon_init() is invoked during feature init and ice_hwmon_exit() was tied to ice_remove(), which could leave a d...

EUVD-2025-206799

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...

CVE-2025-71198 iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...