CVE-2026-8124

A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidxboxread of the file src/isomedia/boxcodebase.c. The manipulation leads to allocation of resources. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The...

CVE-2026-24574

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

OESA-2026-2558 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability, which was classifie...

PT-2026-46970

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...

Linux Distros Unpatched Vulnerability : CVE-2026-10229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::readmeshes of the file HL1MDLLoader.cpp of the component Half-Life...

Assimp security vulnerabilities

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a zero-division error in the FBXExporter.cpp file’s...

SUSE-SU-2026:21917-1 Security update for kernel-livepatch-MICRO-6-0_Update_23

This update for kernel-livepatch-MICRO-6-0Update23 fixes the following issues: - New livepatch SLE Micro 6.0/6.1 kernel update 23...

CVE-2026-41076

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under certain LDAP server configurations, an attacker m...

CVE-2026-8245

Concrete CMS 9.5.0 and earlier is vulnerable to a Reflected XSS in Legacy Pagination. The flaw occurs because Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating the $URL field into href, allowing an attacker to craft a URL that injects HTML into the link tag. An authenti...

CVE-2026-25781

CVE-2026-25781 affects the OpenHarmony kernel_liteos_a in v6.0 and earlier. It is an out-of-bounds write vulnerability that allows a local attacker to cause a denial of service that cannot be recovered. The CVSSv3.1 base score is 8.4 (HIGH) with LOCAL, LOW attack complexity, and privileges requir...

CVE-2026-28751

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

EUVD-2026-30828

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

OpenHarmony 输入验证错误漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contained a vulnerability related to input validation. Attackers could exploit this vulnerability to cause denial-of-service attacks...

OpenHarmony 安全漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contain security vulnerabilities, and attackers can exploit these vulnerabilities to cause denial-of-service attacks...

OpenHarmony 安全漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contain security vulnerabilities, and attackers can exploit these vulnerabilities to cause information leaks...

PT-2026-41814

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...

[BSA-133] Security Update for incus

Mathias Gibbens uploaded new packages for incus which fixed the following security problems: CVE ID : CVE-2026-40195 CVE-2026-40197 CVE-2026-40243 CVE-2026-40251 CVE-2026-41647 CVE-2026-41648 CVE-2026-41684 CVE-2026-41685 Multiple security issues were discovered in Incus, a system container and...

CVE-2026-44215

Summary: NanaZip versions 5.0.1252.0 through before 6.0.1698.0 contain a bug in the UFS/UFS2 filesystem image parser that allows a one-byte heap out-of-bounds null write when opening a crafted UFS image. Vulnerability details: attacker-controlled byte offset within a ~254-byte window past the hea...

CVE-2026-35071

The CVE-2026-35071 entry concerns Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, with an OS Command Injection flaw caused by improper neutralization of special elements in an OS command. A high-privilege attacker with local access could potentially exploit this to achieve command execut...

EUVD-2026-28349

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting XSS, Reflected XSS. This issue affects Proticaret E-Commerce: from v5.0.0 before V 6.0.1767.1383...