2485 matches found

CVE
added yesterday, 7 views

CVE-2026-58453

JAIOTlink C492A-W6 Wi‑Fi IP cameras (firmware 4.8.30.57701411) are affected by CVE-2026-58453 due to hard-coded credentials. An attacker on the network can authenticate to the anyka_ipc HTTP service (port 80) using the default admin username with an empty password, gaining unauthorized access to ...

CVSS 9.8, AI score 5.8
Exploits: 0, References: 3

EUVD
added yesterday, 5 views

EUVD-2026-41049

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service on port 80...

CVSS 9.8, AI score 5.8
Exploits: 0, References: 3

NVD
added 2 days ago, 7 views

CVE-2026-57204

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream...

CVSS 6.9, EPSS 0.00263
Exploits: 0, References: 2

RedHat Linux
added 2 days ago, 5 views

org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files

A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service...

CVSS 7.5, AI score 6.5, EPSS 0.01941
Exploits: 0, References: 5

OPENSUSE Linux
added 3 days ago, 7 views

Security update for xtrabackup (moderate)

openSUSE Security Update: Security update for xtrabackup Announcement ID: openSUSE-SU-2026:0221-1 Rating: moderate References: 1244285 Cross-References: CVE-2025-5918 CVSS scores: CVE-2025-5918 SUSE: 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE...

CVSS 2.4, AI score 5.8, EPSS 0.00341
Exploits: 0, References: 1

NVD
added 4 days ago, 17 views

CVE-2026-58052

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched...

CVSS 4.8, EPSS 0.00119
Exploits: 0, References: 3

CVE
added 4 days ago, 39 views

CVE-2026-58052

Technical details are not publicly available in the provided documents; monitor for updates.

CVSS 4.8, AI score 5.8, EPSS 0.00119
Exploits: 0, References: 3, Affected Software: 1

EUVD
added 4 days ago, 7 views

EUVD-2026-39972

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched...

CVSS 4.8, AI score 5.8, EPSS 0.00119
Exploits: 0, References: 3

Microsoft CVE
added 5 days ago, 7 views

ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

...

CVSS 7.8, AI score 5.8, EPSS 0.00138
Exploits: 0

EUVD
added 6 days ago, 9 views

EUVD-2026-36601

Nezha Monitoring: Unbounded WebSocket Streams — Resource Exhaustion DoS...

CVSS 6.5, AI score 5.8, EPSS 0.00289
Exploits: 0, References: 2

Cvelist
added 6 days ago, 38 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

EPSS 0.00309
Exploits: 0, References: 5

EUVD
added 6 days ago, 9 views

EUVD-2026-39640

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

CVSS 7.5, AI score 5.7, EPSS 0.00447
Exploits: 0, References: 4

Positive Technologies
added 6 days ago, 9 views

PT-2026-52912

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.3 OpenProject versions prior to 17.4.1 Description The HTML sanitizer allows elements to have unrestricted data- attributes through a :data wildcard. An attacker can inject data-controller="poll-for-changes"...

CVSS 6.4, AI score 6.1, EPSS 0.0015
Exploits: 0, References: 3

Debian CVE
added 2026/06/25 12:23 p.m., 4 views

CVE-2026-40211

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...

CVSS 5.3, AI score 6.1, EPSS 0.00413
Exploits: 0

OSV
added 2026/06/25 9:16 a.m., 3 views

UBUNTU-CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams snd_pcm_drain() uses init_waitqueue_entry which does not clear entry.prev/next, and add_wait_queue with a conditional remove_wait_queue that is skipped when tocheck...

CVSS 7.8, AI score 5.7, EPSS 0.00138
Exploits: 0, References: 10

EUVD
added 2026/06/25 8:39 a.m., 5 views

EUVD-2026-39193

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams snd_pcm_drain() uses init_waitqueue_entry which does not clear entry.prev/next, and add_wait_queue with a conditional remove_wait_queue that is skipped when tocheck...

AI score 5.8, EPSS 0.00138
Exploits: 0, References: 7

Cvelist
added 2026/06/25 8:39 a.m., 26 views

CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams snd_pcm_drain() uses init_waitqueue_entry which does not clear entry.prev/next, and add_wait_queue with a conditional remove_wait_queue that is skipped when tocheck...

CVSS 7.8, EPSS 0.00138
Exploits: 0, References: 7

CVE
added 2026/06/25 8:39 a.m., 11 views

CVE-2026-53242

CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...

CVSS 7.8, AI score 5.8, EPSS 0.00138
Exploits: 0, References: 7

Debian CVE
added 2026/06/25 8:39 a.m., 3 views

CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams snd_pcm_drain() uses init_waitqueue_entry which does not clear entry.prev/next, and add_wait_queue with a conditional remove_wait_queue that is skipped when tocheck...

CVSS 7.8, AI score 5.7, EPSS 0.00138
Exploits: 0

OSSF Malicious Packages
added 2026/06/24 11:4 p.m., 18 views

Malicious code in leo-streams (npm)

The leo-streams npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

AI score 5.8
Exploits: 0, References: 3