CVE-2016-20089

Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be...

CVE-2026-41155

The CVE-2026-41155 entry describes a vulnerability in GPU DDK where shared secure memory allocations are mapped into all GPU virtual address spaces, enabling cooperative data transfer between secure GPU processes and potential disruption of others, causing image corruption or GPU hardware recover...

Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps

The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance...

undertow: Undertow: Request Smuggling via Malformed HTTP Request Headers

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

undertow: Undertow: Request Smuggling via Malformed HTTP Request Headers

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.28.2 Release.

Red Hat OpenShift Dev Spaces 3.28.2 has been released. This release provides security fixes for Dev Spaces components. https://access.redhat.com/support/policy/updates/openshiftcrw...

Updated xdg-dbus-proxy packages fix security vulnerability

A policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases...

Reporting from Vegas: Networking, AI, and good boys

Welcome to this week's edition of the Threat Source newsletter. Howdy friends, and hello from Cisco Live U.S., here in sunny and very hot Las Vegas! An interesting quirk of being sent to one of these events is you learn to understand your limits as a person. Cisco Live is a three-day event, and i...

Django 安全漏洞

Django is a set of open-source web application frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 5.2.15 and 6.0 prior to 6.0.6 contained security...

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.28.0 Release.

Red Hat OpenShift Dev Spaces 3.28.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.28 release is based on...

Symfony's HtmlSanitizer URL Attributes Pass Through BiDi Override Characters → Visual href Spoofing

Description Symfony\Component\HtmlSanitizer\TextSanitizer\UrlSanitizer::parse used by UrlSanitizer::sanitize and therefore by every HtmlSanitizer config that allows links or media accepts URLs that contain Unicode explicit-direction BiDi formatting characters: U+202A–U+202E LRE / RLE / PDF / LRO ...

PT-2026-44133

Description SymfonyComponentHtmlSanitizerTextSanitizerUrlSanitizer::parse used by UrlSanitizer::sanitize and therefore by every HtmlSanitizer config that allows links or media accepts URLs that contain Unicode explicit-direction BiDi formatting characters: U+202A–U+202E LRE / RLE / PDF / LRO / RL...

Astra Linux - уязвимость в thunderbird

When displaying the sender of an email, if the sender’s name contained multiple Braille space characters, Thunderbird would display all those spaces. This could be exploited by an attacker to send an email message with the attacker’s digital signature, where the signature was displayed along with...

Astra Linux - уязвимость в firefox, thunderbird

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

CVE-2026-35415

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVE-2026-35415

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

EUVD-2026-29622

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVE-2026-35415 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVE-2026-35415 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVE-2026-35415

Technical details about CVE-2026-35415 are not publicly available in the provided connected documents. Monitor for updates for specifics on affected products, impact, and mitigations once they are published.