CVE-2026-11620

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

EUVD-2026-35294

A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. The impacted element is an unknown function of the file htdocs/core/filemanagerdol/connectors/php/config.inc.php of the component Legacy Filemanager. The manipulation leads to improper authorization. It is possible to initiate the...

CVE-2026-44748

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

CVE-2026-44748

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Microsoft Windows Narrator Braille Support brlapi Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, Braille support for Narrator must be...

PT-2026-48000

Name of the Vulnerable Software and Affected Versions Windows NTFS affected versions not specified Description A heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute arbitrary code locally or remotely, potentially affecting the entire system. A heap-based buffer...

PT-2026-47874

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS affected versions not specified Description A heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally. A heap-based buffer overflow occurs when a program writes more...

KB5095051: Windows 11 Version 26H1 Security Update (June 2026)

The remote Windows host is missing security update 5095051. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2026-42909, CVE-2026-42913, CVE-2026-42985, CVE-2026-42992,...

Huawei HarmonyOS 资源管理错误漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei. It primarily offers seamless collaboration across devices, intelligent experiences in various scenarios, and security features. Huawei HarmonyOS has a denial-of-service vulnerability. This vulnerability stems fr...

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a code vulnerability in MongoDB Server, which stems from the 2dsphere...

SEMCMS 访问控制错误漏洞

SEMCMS is an open-source content management system CMS for foreign trade websites that supports multiple languages. Version SEMCMS 5.0 has a access control vulnerability, which stems from an unauthorized access vulnerability in the SEMCMScopy.php file...

FastApiAdmin 跨站脚本漏洞

FastApiAdmin is a full-stack rapid development platform based on FastAPI, developed by fastapiadmin. Version 2.2.0 of FastApiAdmin contains a cross-site scripting vulnerability. This vulnerability stems from the /system/notice/create endpoint, which has a cross-site scripting vulnerability relate...

FreeBSD-SA-26:36.ldns

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:36.ldns Security Advisory The FreeBSD Project Topic: Insufficient response validation in the ldns stub resolver Category: contrib Module: ldns Announced:...

PT-2026-47823

Name of the Vulnerable Software and Affected Versions NETGEAR JR6150 affected versions not specified Description Insufficient input validation allows users connected to local WiFi networks to execute operating system commands. This issue was identified through firmware emulation in a controlled...

PT-2026-47783

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/rxe component regarding incorrect iova-to-va I/O virtual address to virtual address conversion when memory regions MRs have page sizes different from the syst...

PT-2026-47788

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description TCP ULP support for SMC is fundamentally broken. The implementation attempts to convert an active TCP socket into an SMC socket by modifying the underlying struct file, dentry, and inode...

Microsoft HTTP.sys 缓冲区错误漏洞

Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There are security vulnerabilities in Microsoft HTTP.SYS. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version 1809 for 32-bit system...

Microsoft Windows UEFI 处理逻辑错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows UEFI. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Windows 11...

Microsoft Windows Common Log File System Driver 资源管理错误漏洞

The Microsoft Windows Common Log File System Driver provides a high-performance, general-purpose log file subsystem. Dedicated client applications can utilize this subsystem, and multiple clients can share it to optimize log access. The Microsoft Windows Common Log File System Driver has a resour...