PT-2026-37961

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...

jOpenDocument has an improper restriction of XML external entity reference vulnerability

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

GHSA-J9RH-P96M-MHHP jOpenDocument has an improper restriction of XML external entity reference vulnerability

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

CVE-2026-6501

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

EUVD-2026-26973

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

CVE-2026-6501

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

CVE-2026-6501

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

CVE-2026-6501

The CVE pertains to jOpenDocument 1.5 and is caused by an improper restriction of XML external entity references (XML External Entity, XXE). Affected component: jOpenDocument (version 1.5). Impact details from the record indicate potential data exposure/compromise via external entities, classifie...

CVE-2026-6501

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

Nginx UI 信息泄露漏洞

Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI prior to 2.3.8 had a vulnerability related to information leakage. This vulnerability stemmed from the GetSettings API’s serialization mechanism, which serialized all settings and returned them to authenticated users...

PT-2026-36826

Name of the Vulnerable Software and Affected Versions jOpenDocument version 1.5 Description Improper restriction of XML external entity reference in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This occurs when the application fails to properly restrict XML...

ILM Informatique jOpenDocument 代码问题漏洞

ILM Informatique jOpenDocument is a document processing library developed by the French company ILM Informatique. Version 1.5 of ILM Informatique jOpenDocument contains a code vulnerability caused by improper restrictions on XML external entity references. This vulnerability may lead to an...

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Serialization. The supported versions affected by this vulnerability include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to com.newrelic agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to com.newrelic agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fixed deadlocks related to acpipowermeternotify The .notify callback function of the acpipowermeter driver, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks i...