CVE-2026-42100

creationtimestamp| type| source ---|---|--- 2026-05-19 02:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-42096 2026-05-21 01:49:33+00:00| seen| https://ccb.belgium.be/advisories/warning-actively-exploited-critical-and-multiple-high-vulnerabilities-sparx-pro-cloud...

CVE-2026-47307

NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause a denial of service via a crafted WebAssembly module containing deeply nested instructions. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

OpenHarmony 安全漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contain security vulnerabilities, and attackers can exploit these vulnerabilities to cause information leaks...

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of...

Xen 安全漏洞

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during operation, ensuring smooth functioning and avoiding downtime. Xen has a security vulnerability th...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the ServiceWorker strategy, which could allow remote attackers to leak cross-source data through...

PT-2026-41830

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

PT-2026-42046

Name of the Vulnerable Software and Affected Versions FileBrowser Quantum affected versions not specified Description An unauthenticated user can cause the exposure of sensitive information, such as source and path details. Recommendations Update to the latest version...

PT-2026-42013

Name of the Vulnerable Software and Affected Versions CtrlPanel versions prior to 1.2.0 Description An authenticated admin-level user can achieve Remote Code Execution by supplying an arbitrary class name available in the Composer autoloader. The admin settings update endpoint accepts a fully...

faraday 代码问题漏洞

Faraday is an open-source HTTP client library developed by LostIsland. There are code vulnerabilities in the Faraday version 2.0.0 to 2.14.1. These vulnerabilities stem from the fact that requests passed as URI objects still allow protocol-related host overrides, leading to request forgery attack...

PT-2026-41828

Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description Uncontrolled Recursion allows the processing of oversized serialized data payloads. Recommendations At the moment, there is no information about a newer version that contain...

PT-2026-41836

Name of the Vulnerable Software and Affected Versions Samsung Open Source Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description An out-of-bounds write issue exists that allows overflow buffers. Recommendations At the moment, there is no information about a newer version that...

PT-2026-41835

Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description Samsung Open Source Escargot contains a flaw where memory allocation is performed using an excessive size value, leading to excessive allocation. Recommendations At the...

PT-2026-41834

Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description A release of invalid pointer or reference issue in Samsung Open Source Escargot allows for buffer manipulation. Buffer manipulation occurs when a program modifies a memory...

PT-2026-41826

Name of the Vulnerable Software and Affected Versions Samsung Open Source Walrus version f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9 Description A NULL pointer dereference allows pointer manipulation. A NULL pointer dereference occurs when a program attempts to read or write to a memory address that...

ALSA-2026:19352 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of...

Malicious code in @antv/l7-source (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

PT-2026-41839

Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

PT-2026-41829

Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description A use after free flaw in Samsung Open Source Escargot enables pointer manipulation. Use after free is a memory corruption issue that occurs when an application continues to...