CVE-2026-2465

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation. This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026...

Security Bulletin: Content Manager Enterprise Edition for June 2026 - Multiple CVEs

Summary Content Manager Enterprise Edition is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-342...

Authorization bypass in approval feature allows unauthorized file sharing with approvers

None...

CVE-2026-42571

Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to before 7.23.3, and 7.24.0 to before 7.24.2, there is a a privilege escalation vulnerability affecting Pelican's Web User Interface WebUI. This attack allows any user...

Unauthorized force-mute from missing permission check when using internal signaling

None...

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: k9s-fips, xeol-fips, syft, kaniko, gitea, goreleaser, trufflehog, terragrunt-fips, chainloop-cli-fips, pulumi-language-java, apko-fips, cerbos, flux-source-controller, chainctl-fips, kubescape, gitaly-fips, crossplane, zarf, rancher-fleet, argo-workflows-fips, grype,...

CVE-2026-41530

The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation feature enabled, and a product user tries to extract an archive file which has a crafted file name,...

Malicious code in @uipath/vertical-solutions-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76957e857334423d0c1f4100218bb5856183968cc9475481adecdf97eac57796 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2026-43466

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

Malicious code in @supersurkhet/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dca9eab30c0c493a8981f3457e80b67d82738a2a23c3e4273d09885737a2306c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Microsoft Office PowerPoint 访问控制错误漏洞

Microsoft Office PowerPoint is a software tool developed by the American company Microsoft for creating presentation documents PPTs. Microsoft Office PowerPoint has a security vulnerability related to access control. Attackers can exploit this vulnerability to carry out deceptive attacks...

SPIP 代码注入漏洞

SPIP is an open-source software developed by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.14 had a code injection vulnerability, which was caused by remote code execution from private spaces, potentially allowing arbitrary code to be executed...

Intel Connectivity Performance Suite May 2026 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Connectivity Performance Suite software installers, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the...

Intel® EMA Software Advisory

Summary: A potential security vulnerability in the Intel® Endpoint Management Assistant EMA software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35990 Description: Improper input validation...

Intel Vision Software Advisory

Summary: A potential security vulnerability for the Intel Vision software maintained by Intel may allow denial of service. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel Vision software. Vulnerability Details: CVEI...

编号撤回

R is a statistical computing software from The R Foundation. fe is a lightweight, embeddable ANSI C scripting language developed by rxi. This CVE number has been withdrawn...

Microsoft Azure Monitor Agent 代码问题漏洞

Microsoft Azure Monitor Agent is a monitoring agent program developed by the American company Microsoft. There are code-related vulnerabilities in Microsoft Azure Monitor Agent. Attackers can exploit these vulnerabilities to gain higher privileges...

Craft CMS 安全漏洞

Craft CMS is an open-source content management system developed by Craft CMS. Versions of Craft CMS from 4.0.0 to 4.17.12 and 5.9.18 contained security vulnerabilities. These vulnerabilities stemmed from input handling defects in the Yii object creation path, which could allow any authenticated...

Intel® Connectivity Performance Suite Software Installer Advisory

Summary: A potential security vulnerability in some Intel® Connectivity Performance Suite software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2026-20772 Description: Uncontrolled...

Intel® Graphics Advisory

Summary: Potential security vulnerabilities for some Intel® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2026-20794 Description: Buffer overflow for the...