3860 matches found
CVE-2026-52944
In the Linux kernel, the following vulnerability has been resolved: k...
CVE-2026-10753
The Site Kit by Google WordPress plugin before 1.176.0 does not properly restrict a REST API write endpoint to administrators, allowing lower-privileged users who have been granted dashboard sharing access such as Editors to modify a site-wide Site Kit by Google WordPress plugin before 1.176.0...
EUVD-2026-38695
The Site Kit by Google WordPress plugin before 1.176.0 does not properly restrict a REST API write endpoint to administrators, allowing lower-privileged users who have been granted dashboard sharing access such as Editors to modify a site-wide Site Kit by Google WordPress plugin before 1.176.0...
Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role and user_role functions missing proper capability checks performed through the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: The commit pointer of the HVS FIFO is cleared once the operation is completed. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait for previous FIFO users before committing” introduced a wait for the previous commit that was...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: think-lmi: Fixed memory leaks when parsing ThinkStation WMI strings. My previous commit introduced a memory leak, where the memory allocated by the tlmi_setting function was not freed. This commit also renames the...
EUVD-2026-36726
Multer vulnerable to Denial of Service via deeply nested field names...
EUVD-2026-37021
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
EUVD-2026-37020
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
EUVD-2026-37019
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
EUVD-2026-37018
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
CVE-2026-9262
Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
CVE-2026-9258
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
CVE-2026-9260
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
CVE-2026-9261
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
CVE-2026-9259
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier...
CVE-2026-9262
CVE-2026-9262 affects Canon EOS Network Setting Tool (Version 1.5.0 or earlier). The issue is the use of a non-secure protocol by default in FTP configuration. Reported CVSS metrics indicate a Network attack with high confidentiality impact (CVSS 3.1: 6.5 base, MEDIUM) and a notable impact under ...
CVE-2026-9261
The CVE relates to Canon EOS Network Setting Tool (Canon) versions 1.5.0 or earlier that use weak SSH cryptographic algorithms. Root cause: weak SSH crypto in the tool could affect confidentiality and integrity (per CVSS metrics indicating high impact on these areas) with network access as the at...
CVE-2026-9260
CVE-2026-9260 concerns the Canon EOS Network Setting Tool, affected in version 1.5.0 or earlier. The underlying issue is the use of hard-coded cryptographic keys, which can undermine confidentiality, integrity, and availability of communications or data protected by these keys. The CVSS data indi...