CVE-2026-5678

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

CVE-2026-5676

A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...

SUSE-SU-2026:21062-1 Security update for expat

This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing bsc1259711. - CVE-2026-3277...

CVE-2026-35610

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...

CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

EUVD-2026-19786

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...

CVE-2026-35610

CVE-2026-35610 affects PolarLearn; in 0-PRERELEASE-14 and earlier, the account-management module’s setCustomPassword(userId, password) and deleteUser(userId) used an inverted admin check, allowing authenticated non-admin users to perform these actions and effectively escalating privileges. This i...

SUSE-SU-2026:21000-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. - CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and...

CVE-2026-5692

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been made public and cou...

PolarLearn 授权问题漏洞

PolarLearn is an online learning platform developed by PolarNL. Versions of PolarLearn prior to 0-PRERELEASE-14 contained an authorization issue vulnerability. This vulnerability stemmed from the use of reverse administrator checks in the account-management module’s setCustomPassword and deleteUs...

PT-2026-30921

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...

CVE-2026-5691 Totolink A7100RU cstecgi.cgi setFirewallType os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The exploit has been...

EUVD-2026-19434

A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...

BIT-MONGODB-2026-5170 Users could trigger a crash of mongod primaries during promotion to sharded

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

CVE-2026-5614

A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the...

CVE-2026-5614

A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the...

CVE-2026-5609 Tenda i12 Parameter wifiSSIDset formwrlSSIDset stack-based overflow

A flaw has been found in Tenda i12 1.0.0.113862. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wlradio causes stack-based buffer overflow. It is possible to initiate the...

EUVD-2026-19140

A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the...

Directus 安全漏洞

Directus is an open-source real-time API and application dashboard developed by Directus. It is used to manage SQL database content. Versions of Directus prior to 11.16.1 contained a security vulnerability. This vulnerability stemmed from the TUS recoverable upload endpoint, which only performed...

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition via the capsetfile function. An attacker can gain elevated privileges by exploiting a race condition during file capability updates, redirecting capabilities to an attacker-controlled file...