
241483 matches found

Cvelist
added 2026/05/13 3:41 p.m., 26 views

CVE-2026-44470 Claude Desktop: Local Privilege Escalation via Directory Junction in CoworkVMService

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

CVSS 8.5, EPSS 0.00006
Exploits: 0, References: 1

EUVD
added 2026/05/13 3:41 p.m., 8 views

EUVD-2026-30049

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

CVSS 8.5, AI score 5.9, EPSS 0.00006
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/13 3:41 p.m., 3 views

CVE-2026-44470

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

CVSS 8.5, AI score 5.9, EPSS 0.00006
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2026/05/13 3:32 p.m., 2 views

MINI-R6P4-CGVX-P285

Bulletin has no description...

CVSS 7.5, AI score 5.7, EPSS 0.00058
Exploits: 0

GitHub Security Blog
added 2026/05/13 3:31 p.m., 4 views

Anchor: Program<'info, System> is not properly validated

Summary: A logic error causes Anchor programs to accept any program id when requiring the system program id, causing false assumptions resulting in potential arbitrary CPI in programs that invoke system program instructions. Details: In the TryFrom implementation for Program, the id of T is compar...

CVSS 8.2, AI score 6, EPSS 0.00048
Exploits: 0, References: 6, Affected Software: 1

OSV
added 2026/05/13 3:31 p.m., 1 view

GHSA-C6RC-8JPP-2FGC Anchor: Program<'info, System> is not properly validated

Summary: A logic error causes Anchor programs to accept any program id when requiring the system program id, causing false assumptions resulting in potential arbitrary CPI in programs that invoke system program instructions. Details: In the TryFrom implementation for Program, the id of T is compar...

CVSS 8.2, AI score 6, EPSS 0.00048
Exploits: 0, References: 6

CVE
added 2026/05/13 3:08 p.m., 15 views

CVE-2026-43486

The CVE-2026-43486 entry details a Linux kernel arm64 contpte vulnerability where contpte_ptep_set_access_flags() could return a no-op when the gathered ptep_get() view matched the entry, leaving a sub-PTE with PTE_RDONLY or lacking PTE_AF in hardware. This could cause infinite fault loops for pa...

AI score 5.8, EPSS 0.00023
Exploits: 0, References: 4

Cvelist
added 2026/05/13 2:22 p.m., 25 views

CVE-2020-37223 IObit Uninstaller 9.5.0.15 Unquoted Service Path Privilege Escalation

IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files x86\IObit directory and restart the service t...

CVSS 8.5, EPSS 0.00014
Exploits: 0, References: 4

CVE
added 2026/05/13 2:22 p.m., 10 views

CVE-2020-37222

Kuicms Php EE 2.0 is affected by a persistent cross-site scripting (XSS) vulnerability. The issue allows unauthenticated attackers to inject arbitrary scripts by submitting crafted content through the bbs reply endpoint (POST to /web/?c=bbs&a=reply) with HTML/JavaScript payloads in the content pa...

CVSS 7.2, AI score 5.9, EPSS 0.001
Exploits: 0, References: 4

ATTACKERKB
added 2026/05/13 2:22 p.m., 4 views

CVE-2020-37220

Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...

CVSS 8.7, AI score 5.8, EPSS 0.00201
Exploits: 0, References: 3

CVE
added 2026/05/13 2:22 p.m., 9 views

CVE-2020-37219

Joomla extension com_fabrik 3.9.11 contains a directory traversal vulnerability in image.php that lets unauthenticated attackers enumerate arbitrary files. By manipulating the folder parameter in onAjax_files, attackers can use path traversal sequences to list files in system directories outside ...

CVSS 8.7, AI score 5.9, EPSS 0.00332
Exploits: 0, References: 4

Vulnrichment
added 2026/05/13 2:22 p.m., 5 views

CVE-2020-37219 Joomla com_fabrik 3.9.11 Directory Traversal via image.php

Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax_files method with path traversal sequences to enumerate files in system directories...

CVSS 8.7, AI score 5.9, EPSS 0.00332
Exploits: 0, References: 4

Vulnrichment
added 2026/05/13 2:22 p.m., 3 views

CVE-2020-37168 Ecommerce Systempay 1.0 Production Key Brute Force

Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment signature generation. Attackers can extract payment form data and signatures from POST requests to the payment endpoint,...

CVSS 9.8, AI score 5.8, EPSS 0.00024
Exploits: 0, References: 4

RedhatCVE
added 2026/05/13 2:22 p.m., 4 views

CVE-2026-31225

The superduper project thru v0.10.0 contains a critical remote code execution vulnerability in its query parsing component. The parseoppart function in query.py uses the unsafe eval function to dynamically evaluate user-supplied query operands without proper sanitization or restriction. Although...

CVSS 8.8, AI score 6.5, EPSS 0.00214
Exploits: 0, References: 1

RedhatCVE
added 2026/05/13 2:22 p.m., 5 views

CVE-2026-28936

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a maliciously crafted file may lead to unexpected app termination...

CVSS 7.5, AI score 5.8, EPSS 0.00119
Exploits: 0, References: 1

RedhatCVE
added 2026/05/13 2:21 p.m., 6 views

CVE-2026-28873

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. An app may be able to circumvent App Privacy Report logging...

CVSS 7.5, AI score 5.8, EPSS 0.00042
Exploits: 0, References: 1

Vulnrichment
added 2026/05/13 2:12 p.m., 6 views

CVE-2026-42930 Appliance mode iControl REST vulnerability

When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 1

CVE
added 2026/05/13 2:12 p.m., 17 views

CVE-2026-42930

CVE-2026-42930 affects BIG-IP in Appliance mode. An authenticated attacker with the Administrator role may bypass Appliance mode restrictions, enabling read/modify of arbitrary system files (control plane issue; no data plane exposure). Affected branches and fixes per F5 advisories: BIG-IP all mo...

CVSS 8.7, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/13 2:12 p.m., 7 views

CVE-2026-42930

When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2026/05/13 2:12 p.m., 7 views

CVE-2026-42924 BIG-IP iControl SOAP vulnerability

An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7, AI score 5.8, EPSS 0.00073
Exploits: 0, References: 1