GHSA-J86X-FWP2-QH7V vulnerabilities

Vulnerabilities for packages: airflow...

EUVD-2026-35350

A cross-site scripting XSS vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QTS...

GHSA-5XRQ-8626-4RWP vulnerabilities

Vulnerabilities for packages: vitess...

GHSA-49RJ-9FVP-4H2H vulnerabilities

Vulnerabilities for packages: vitess...

CVE-2026-42342 vulnerabilities

Vulnerabilities for packages: vitess...

CVE-2026-40181 vulnerabilities

Vulnerabilities for packages: vitess...

CVE-2026-10544

Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated user with write access to a vault to execute arbitrary commands on the systems managed by the affected PAM provider. This issue affects : Devolutions...

CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

CVE-2026-7598 vulnerabilities

Vulnerabilities for packages: libssh2...

Malicious code in nodemon-copack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c19d51ffe2ef2fc40ac2efc32c5abe45d0f04280090bf17114c9cf87148cc1e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-8376 vulnerabilities

Vulnerabilities for packages: perl...

GHSA-MPXQ-89H3-QC47 vulnerabilities

Vulnerabilities for packages: perl...

Kaseya Virtual System Administrator - Open Redirect

Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2015-286...

QNAP HBS 3 - Broken Access Control

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...

PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting

PKP Open Journal Systems 2.4.8 to 3.3 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary code via the X-Forwarded-Host Header. id: CVE-2022-24181 info: name: PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting author: lucasljm2001,ekrause severit...

SUSE CVE-2026-22017

unknown...

SUSE CVE-2026-34278

unknown...

SUSE CVE-2026-34304

unknown...

Linux Distros Unpatched Vulnerability : CVE-2026-48163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MariaDB project reports: Multiple vulnerabilities in MariaDB Cluster Galera CVE-2026-48163 Note that Nessus relies on the presence of the package as reporte...

Linux Distros Unpatched Vulnerability : CVE-2026-48165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MariaDB project reports: Multiple vulnerabilities in MariaDB Cluster Galera CVE-2026-48165 Note that Nessus relies on the presence of the package as reporte...