CVE-2026-10267

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attack...

PT-2026-21378

Name of the Vulnerable Software and Affected Versions janet-lang versions prior to 1.41.0 Description A flaw exists in the janet-lang software, specifically within the janetc varset function located in the src/core/specials.c file, part of the handleattr Handler component. This issue can lead to ...

CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

PT-2025-43865

Name of the Vulnerable Software and Affected Versions Kamailio version 5.5 Description A flaw exists in Kamailio that involves a use-after-free condition. This issue is located within the Configuration File Handler component, specifically in the sr push yy state function of the src/core/cfg.lex...

EUVD-2025-34994

Malicious code in srccore-instanceindexts npm...

Prototype Pollution

zrender is vulnerable to prototype pollution. An attacker is able to inject malicious property using merge and clone helper methods in the src/core/util.ts causing prototype pollution via proto...