PT-2026-2115

Name of the Vulnerable Software and Affected Versions OWASP Core Rule Set versions prior to 4.22.0 OWASP Core Rule Set versions prior to 3.3.8 Description A bug in rule 922110 affects the processing of multipart requests with multiple parts. When the first rule in a chain iterates over a collecti...

Exploit for Improper Control of Dynamically-Managed Code Resources in N8N

Poc Proof of Concept 1. Open n8n in your browser -...

CVE-2025-47343

Memory corruption while processing a video session to set video parameters...

CVE-2026-0640

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could ...

CVE-2026-0640

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could ...

CVE-2026-0640

CVE-2026-0640 affects Tenda AC23 firmware 16.03.07.52. The vulnerability resides in the sscanf usage of /goform/PowerSaveSet where tampering with the Time argument can cause a buffer overflow. Exploitation can be remote, and public PoC/exploit information exists. Affected component: the PowerSave...

CVE-2026-0640 Tenda AC23 PowerSaveSet sscanf buffer overflow

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could ...

PT-2026-1431

Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A flaw exists in Tenda AC23 version 16.03.07.52 related to a buffer overflow. The issue is located in the /goform/PowerSaveSet file and specifically affects the sscanf function. Manipulation of the Ti...

Tenda AC23 安全漏洞

Tenda AC23 is a dual-band gigabit wireless router from Tenda China. A security vulnerability exists in Tenda AC23 version 16.03.07.52, which originates from an incorrect manipulation of the parameter Time in the file /goform/PowerSaveSet, which may result in a buffer overflow...

CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

[SECURITY] Fedora 43 Update: nginx-mod-headers-more-0.39-4.fc43

This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

CVE-2025-15413

A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function opSetSloti32/opCallIndirect of the file m3exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project ha...

CVE-2025-15413

A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function opSetSloti32/opCallIndirect of the file m3exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project ha...

EUVD-2026-0004

A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function opSetSloti32/opCallIndirect of the file m3exec.h. Performing manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project has ...

CVE-2025-15413 wasm3 m3_exec.h op_CallIndirect memory corruption

A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function opSetSloti32/opCallIndirect of the file m3exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project ha...

PT-2026-27698

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the netfilter module related to the validation of open intervals within nft set rbtree. Specifically, the issue arises from the lack of a defined end...

PT-2026-6171

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel's LED class initialization. Specifically, LEDs were being added to the leds list before the led init core function was called, leaving a windo...

PT-2026-28333

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the rust binder component related to handling binder death notifications. Specifically, the set notification done function may be called without...

PT-2026-8146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Bluetooth MGMT subsystem, specifically within the set ssp complete function. The issue arises from missing calls to mgmt pending free in both success and erro...