276022 matches found

Cvelist
added 2026/05/12 6:38 p.m. | 30 views

CVE-2026-23823 Authenticated Command Injection leads to RCE in AOS-10 CLI Command

A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This vulnerability only...

CVSS 7.2 | EPSS 0.00259
Exploits: 0 | References: 1

EUVD
added 2026/05/12 6:30 p.m. | 5 views

EUVD-2026-29522

Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...

CVSS 8.5 | AI score 5.7 | EPSS 0.00018
Exploits: 0 | References: 2

EUVD
added 2026/05/12 6:30 p.m. | 8 views

EUVD-2026-29534

Improper input validation for some Intel(R) QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...

CVSS 6.9 | AI score 5.7 | EPSS 0.00018
Exploits: 0 | References: 2

EUVD
added 2026/05/12 6:30 p.m. | 7 views

EUVD-2026-29533

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVSS 8.8 | AI score 6.1 | EPSS 0.0029
Exploits: 0 | References: 2

Lenovo
added 2026/05/12 5:39 p.m. | 6 views

Intel EMA Software Advisory - Lenovo Support US

No description provided...

AI score 5.8
Exploits: 0

Vulnrichment
added 2026/05/12 5:31 p.m. | 5 views

CVE-2026-20714

Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...

CVSS 8.5 | AI score 5.7 | EPSS 0.00017
Exploits: 0 | References: 1

NVD
added 2026/05/12 5:16 p.m. | 10 views

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVSS 8.8 | EPSS 0.0029
Exploits: 0 | References: 1

Microsoft Security Update
added 2026/05/12 5:00 p.m. | 36 views

2026-05 .NET 10.0.8 Security Update for x64 Client (KB5093446)

2026-05 .NET 10.0.8 Security Update for x64 Client KB5093446...

AI score 5.8
Exploits: 0

Cvelist
added 2026/05/12 4:59 p.m. | 27 views

CVE-2026-40362 Microsoft Excel Remote Code Execution Vulnerability

...

CVSS 7.8 | EPSS 0.00068
Exploits: 0 | References: 1

Vulnrichment
added 2026/05/12 4:58 p.m. | 4 views

CVE-2026-41612 Visual Studio Code Information Disclosure Vulnerability

...

CVSS 5.5 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 1

CVE
added 2026/05/12 4:58 p.m. | 68 views

CVE-2026-32177

CVE-2026-32177 is a heap-based buffer overflow in the .NET Framework that enables local privilege escalation. The issue is described across multiple sources as affecting the .NET Framework components in versions 3.5 and 4.8.1, with impact described as unauthorized elevation of privileges locally ...

CVSS 7.3 | AI score 5.9 | EPSS 0.00106
Exploits: 0 | References: 1

CVE
added 2026/05/12 4:43 p.m. | 9 views

CVE-2026-41513

CVE-2026-41513 affects Horilla HR/CRM software (version 1.5.0) where notification endpoints trust an unvalidated `next` parameter, enabling open redirects to arbitrary external URLs. This can enable phishing/social-engineering redirects by turning legitimate links into malicious destinations. Connec...

CVSS 4.8 | AI score 5.9 | EPSS 0.0005
Exploits: 0 | References: 2

Vulnrichment
added 2026/05/12 4:43 p.m. | 9 views

CVE-2026-41513 Horilla: Open Redirect via Unvalidated `next` Parameter in Notification Endpoints

Horilla is an HR and CRM software. In 1.5.0, the notification endpoints trust the unvalidated next parameter and redirect users to arbitrary external URLs. This allows an attacker to turn trusted application links into phishing or social-engineering redirects...

CVSS 4.8 | AI score 5.9 | EPSS 0.0005
Exploits: 0 | References: 2

Cvelist
added 2026/05/12 4:34 p.m. | 27 views

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVSS 8.8 | EPSS 0.0029
Exploits: 0 | References: 1

Vulnrichment
added 2026/05/12 4:34 p.m. | 7 views

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVSS 8.8 | AI score 6.1 | EPSS 0.0029
Exploits: 0 | References: 1

CVE
added 2026/05/12 4:34 p.m. | 21 views

CVE-2026-20887

Intel Vision software (all Ring 3 versions) is affected by CVE-2026-20887 due to improper access control. An unprivileged, unauthenticated attacker could trigger a low-complexity remote attack over the network to achieve remote code execution, with potential impacts to confidentiality (HIGH), and...

CVSS 8.8 | AI score 6.1 | EPSS 0.0029
Exploits: 0 | References: 1

Patchstack
added 2026/05/12 3:29 p.m. | 7 views

WordPress Broadstreet plugin <= 1.53.1 - Authenticated (Subscriber+) Information Disclosure vulnerability

Authenticated Subscriber+ Information Disclosure vulnerability discovered by greenhats - Student in WordPress Plugin Broadstreet Ads versions <= 1.53.1...

CVSS 5.3 | AI score 5.8 | EPSS 0.00036
Exploits: 0 | References: 1 | Affected Software: 1

The Hacker News
added 2026/05/12 2:47 p.m. | 7 views

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior product manager for...

AI score 5.8
Exploits: 0

Microsoft CVE
added 2026/05/12 2:00 p.m. | 3 views

Azure SDK for Java Security Feature Bypass Vulnerability

The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may...

CVSS 9.1 | AI score 6 | EPSS 0.00033
Exploits: 0

EUVD
added 2026/05/12 12:32 p.m. | 7 views

EUVD-2026-29446

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation. This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026...

CVSS 8.8 | AI score 5.8 | EPSS 0.00045
Exploits: 0 | References: 2