CVE-2026-54267 Angular Client Hydration DOM Clobbering & Response-Cache Poisoning

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered SSR environments, Angular supports Hydration via...

CVE-2026-46135

CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...

Linux Distros Unpatched Vulnerability : CVE-2020-7921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to...

CVE-2025-23045 CVAT allows remote code execution via tracker Nuclio functions

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. An attacker with an account on an affected CVAT instance is able to run arbitrary code in the context of the Nuclio function container. This vulnerability affects CVAT deployments that run...

SUSE CVE-2020-7921

Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. This issue affects MongoDB Server v4.2 versions prior to 4.2.3...