Lucene search
K

3332 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-43602

In OpENer 2.3.0 commit 76b95cf when parsing incoming CIP Common Industrial Protocol network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 a 16-bit signe...

9.1CVSS6.1AI score0.00193EPSS
Exploits0References3
NVD
NVD
added 2 days ago6 views

CVE-2026-60103

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS0.00117EPSS
Exploits0References3
CVE
CVE
added 2 days ago18 views

CVE-2026-60103

Blender 3.0.0–5.1.2 contains an out-of-bounds read via a crafted .blend SDNA block. The signed short member_index is used as an array index into sdna->members[] in sdna_expand_names() without bounds checking, producing an invalid pointer that is then passed to strlen(), causing a SIGSEGV or un...

6.8CVSS6.1AI score0.00117EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago5 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS7AI score0.02719EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago3 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS6.2AI score0.02719EPSS
Exploits0References4
CVE
CVE
added 2 days ago10 views

CVE-2026-57433

CVE-2026-57433 affects Perl’s Storable before 3.41. A signed 32-bit item count read from an SX_HOOK record is added to one and then fed to av_extend; when the count equals I32_MAX the addition overflows to negative, causing av_extend to panic during thaw/retrieve and terminate deserialization. Mu...

9.8CVSS6.2AI score0.00174EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-57433 Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record

Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SXHOOK record. retrievehookcommon reads a signed 32-bit item count from an SXHOOK record and calls avextend with that count plus one. A count of I32MAX wraps the addition to a negative value. A...

0.00174EPSS
Exploits0References1
CVE
CVE
added 2 days ago11 views

CVE-2026-51536

OpENer 2.3.0 is affected by CVE-2026-51536 due to inconsistent typing of the length parameter across the call stack: an upstream int length is passed to a downstream function expecting a 16-bit signed EipInt16. A crafted CIP packet can cause the length to overflow or become negative, bypassing bo...

9.1CVSS6.1AI score0.00193EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-51536

In OpENer 2.3.0 commit 76b95cf when parsing incoming CIP Common Industrial Protocol network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 a 16-bit signe...

0.00193EPSS
Exploits0References2
CVE
CVE
added 3 days ago15 views

CVE-2026-15475

Summary: CVE-2026-15475 affects MiniTool Partition Wizard (up to v13.6), specifically the Signed Kernel Driver pwdrvio.sys. A manipulation of an unknown function in pwdrvio.sys leads to improper access controls. The attack is local. Publicly available exploit suggests potential use in attacks. A ...

5.3CVSS5.7AI score0.00105EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-15475 MiniTool Partition Wizard Signed Kernel Driver pwdrvio.sys access control

A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been ma...

5.3CVSS0.00105EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43138

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.14.0 via the generatedocumentshortcode due to missing validation on a user controlled key. This makes it possible for authenticated...

4.3CVSS6.1AI score0.00223EPSS
Exploits0References8
CVE
CVE
added 5 days ago8 views

CVE-2026-55881

OpenReplay (self-hosted session replay) versions affected: 1.22.0 – 1.27.0. The vulnerability arises in getFirstMob where 15-second presigned S3 download URLs for a session’s DOM-replay recording were generated based only on the session path, while validateProjectAccess only checked tenant owners...

7.1CVSS6.1AI score0.00246EPSS
Exploits0References4
OSV
OSV
added 5 days ago3 views

CVE-2026-55789 Logto: SAML IdP injects user-controlled profile attributes raw into signed assertions, allowing privilege escalation at relying Service Providers

Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's self-hosted SAML application IdP built the signed SAML response and assertion by string-substituting user-controlled profile attributes such as name, email, and custom attribute-mapping values into...

8.5CVSS6.2AI score0.00298EPSS
Exploits0References6
CVE
CVE
added 5 days ago12 views

CVE-2026-55789

Logto’s self-hosted SAML IdP (prior to v1.41.0) was vulnerable: it built signed SAML responses by substituting user-controlled profile attributes into an unescaped XML template, allowing an authenticated low-privilege user to forge a SAML attribute (e.g., role) and cause privilege escalation at r...

8.5CVSS6.2AI score0.00298EPSS
Exploits0References4
NVD
NVD
added 5 days ago7 views

CVE-2026-56254

In @capgo/capacitor-updater Cap-go/capgo before 12.128.2, the end-to-end encryption scheme distributes the private key to each device that downloads the app. Because the public key can be derived from the private key, an attacker performing a man-in-the-middle attack or compromising the Capgo...

8.3CVSS0.00151EPSS
Exploits0References2
Rockylinux
Rockylinux
added 5 days ago6 views

gstreamer1-plugins-bad-free security update

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...

8.8CVSS6.2AI score0.0053EPSS
Exploits0
Rockylinux
Rockylinux
added 5 days ago5 views

gstreamer1-plugins-bad-free security update

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...

8.8CVSS6.2AI score0.0053EPSS
Exploits0
The Hacker News
The Hacker News
added 6 days ago20 views

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first...

6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

MiracleLinux 8 : php:7.4 (AXSA:2026-1217:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1217:01 advisory. php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References7
Rows per page
Query Builder