unbound: Unbound DNSSEC Validator Use-After-Free via Deep Copy Pointer Overwrite Leading to DoS and Possible Remote Code Execution

A flaw was discovered in Unbound’s DNSSEC validator can leave it using an invalid memory pointer after certain DS sub-query validations fail due to NSEC3 budget exhaustion. This may cause crashes and could potentially allow arbitrary code execution...

CLSA-2026-1779534149 unbound: Fix of CVE-2026-33278

CVE-2026-33278: use-after-free in DNSSEC validator dnsmsgdeepcopyregion during NSEC3 sub-query suspend/resume; buggy struct-assignment overwrote the destination's freshly-allocated rrsets pointer with the source's pointer, leaving a dangling pointer dereferenced after the source region was freed...

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021667 advisory. MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. Tenable has extracted the...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

Astra Linux - уязвимость в mariadb-10.3

MariaDB version 10.5.9 allows a SetVar.cc application to crash due to certain uses of the UPDATE statement in conjunction with a nested subquery...

CVE-2026-40331 Masa CMS unauthenticated SQL injection via altTable parameter in JSON API

Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altTable parameter that is stored via the setAltTable method without validation or sanitization. This...

Astra Linux - уязвимость в mariadb-10.3

savewindowfunctionvalues in MariaDB before 10.6.3 allows an application crash because of incorrect handling of withwindowfunc=true for a subquery...

CVE-2026-1577 IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries (CVE-2026-1577)

Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries. Vulnerability Details CVEID:CVE-2026-1577 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of servic...

Exploit for SQL Injection in Apache Superset

CVE-2026-23980 - Apache Superset Authenticated SQL Injection...

Exploit for SQL Injection in Apache Superset

CVE-2026-23980 - Apache Superset Authenticated SQL Injection...

JLSEC-2026-47

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

CVE-2026-30870

PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration, this could result in...

CVE-2026-30870

PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration, this could result in...

Incorrect Authorization

Overview @powersync/service-sync-rules is an A library containing logic for PowerSync sync rules. Affected versions of this package are vulnerable to Incorrect Authorization in the stream synchronization with config.edition: 3 and subquery filters are used without partitioning the result set. An...

PowerSync Service 授权问题漏洞

PowerSync Service is a local-first synchronization engine developed by PowerSync as open source. Version 1.20.0 of PowerSync Service contains an authorization vulnerability. This vulnerability arises from ignoring certain subquery filters when using a new synchronization stream, which may allow...

EUVD-2026-10416

PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration, this could result in...

EUVD-2026-10417

PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration, this could result in...

CVE-2026-30870

CVE-2026-30870 affects PowerSync Service (server-side of the PowerSync sync engine). In version 1.20.0, using new sync streams with config.edition: 3, certain subquery filters could be ignored when deciding which data to sync to users, potentially allowing authenticated users to receive data that...

CVE-2026-30870

PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration, this could result in...