WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting

WordPress W3 Total Cache plugin before 2.1.5 is susceptible to cross-site scripting via the extension parameter in the Extensions dashboard, when the setting 'Anonymously track usage to improve product quality' is enabled. The parameter is output in a JavaScript context without proper escaping...

Total Donations Plugin for WordPress < 2.0.6 - Arbitrary Options Update

Incorrect access control in miglaajaxfunctions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. These attackers can send requests to wp-admin/admin-ajax.php to call...

ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet

47 zero-days fell at Pwn2Own Berlin 2026 for US$1,298,250 in payouts. TrendAI™ was on the ground all three days — here's what we saw...

PT-2026-45275

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extract anim value of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

Assimp security vulnerabilities

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter num.total in the...

EUVD-2026-32299

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

CVE-2026-45994 ibmasm: fix OOB reads in command_file_write due to missing size checks

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

PT-2026-43870

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation

We present a dataset of adversarial malware samples derived from the public RawMal-TF collection of real-world malware binaries. Using a suite of adversarial malware generators, we construct two sets of adversarial PE files: 44,347 family-labelled samples and 33,596 type-labelled samples, achievi...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sbi-totalvalidblockcount syzbot reported a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/f2fs.h:2521! RIP: 0010:decvalidblockcount+0x3b2/0x3c0 fs/f2fs/f2fs.h:2521 Call...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around unixtotinflight. unixtotinflight is updated under spinlockunixgclock, but unixreleasesock reads it without locking. We should use READONCE for unixtotinflight. Note that the writer side was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Validation of the totlen and ihl fields of the inner IPv4 packet has been added to the processing of decrypted IPTFS payloads in inputprocesspayload. A crafted ESP...

SOC-Alert-Investigation-Portfolio

SOC Alert Investigation Portfolio This repository contains pr...

CVE-2026-44826 Vvveb: Vvveb CMS — Negative-quantity cart manipulation allows creation of orders with negative grand totals

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

CVE-2026-44826 Vvveb: Vvveb CMS — Negative-quantity cart manipulation allows creation of orders with negative grand totals

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

CVE-2026-7648

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, whi...

CVE-2026-43881

Technical details about CVE-2026-43881 are not provided in the connected documents. The Initial Description summarizes the vulnerability, but no vendor/product/version specifics or remediation are included here. Monitor for updated advisories and fixes.

CVE-2026-43881 WWBN AVideo: Unauthenticated User Enumeration in `objects/users.json.php` via `isCompany` Parameter Flips `$ignoreAdmin = true` and Defeats Admin-Only Listing Guard

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/users.json.php exposes two unauthenticated paths that disclose the full set of registered user accounts. The isCompany request parameter causes the handler to set $ignoreAdmin = true for any non-admin call...