192 matches found

AstraLinux
added 6 days ago | 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which allows a NULL pointer dereferenc...

CVSS 5.5 | AI score 5.5 | EPSS 0.00234
Exploits: 0 | References: 2

Github Security Blog
added last week | 9 views

[Eclipse Theia] Arbitrary Command Execution via Untrusted Workspace Task Definitions

In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files e.g. .theia/tasks.json, .vscode/tasks.json could be executed without requiring workspace trust. An attacker could craft a malicious repository that, when cloned and opened in Theia, leads to execution of arbitra...

CVSS 8.8 | AI score 6.1 | EPSS 0.00231
Exploits: 0 | References: 6 | Affected Software: 3

Packet Storm News
added 2026/06/04 12:0 a.m. | 22 views

ExploitBench AI Exploit Benchmark Tool

ExploitBench measures how far AI agents climb, from reaching vulnerable code, to triggering the bug, to building exploit primitives, to arbitrary code execution...

AI score 6.1
Exploits: 0

RedhatCVE
added 2026/06/02 10:3 p.m. | 12 views

CVE-2026-42252

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}")` example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

CVSS 9.1 | AI score 5.8 | EPSS 0.00369
Exploits: 0 | References: 1

CNNVD
added 2026/05/27 12:0 a.m. | 7 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vfio/cdx driver’s failure to verify whether MSI is configured during the interrupt trigger...

AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 4

GithubExploit
added 2026/05/26 11:45 a.m. | 58 views

XSSaudit

XSSAudit v2.0 — Advanced XSS Vulnerability Scanner For au...

AI score 6
Exploits: 0

RedHat Linux
added 2026/04/28 3:1 p.m. | 5 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

CVSS 7.8 | AI score 5.4 | EPSS 0.00264
Exploits: 0 | References: 4

EUVD
added 2026/04/26 2:38 a.m. | 6 views

EUVD-2026-25687

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...

CVSS 4 | AI score 5.1 | EPSS 0.00162
Exploits: 0 | References: 1

Debian CVE
added 2026/04/26 2:38 a.m. | 5 views

CVE-2026-42254

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...

CVSS 4 | AI score 5.2 | EPSS 0.00162
Exploits: 0

Positive Technologies
added 2026/04/08 12:0 a.m. | 3 views

PT-2026-31416

Name of the Vulnerable Software and Affected Versions: Zammad versions prior to 7.0.1 and prior to 6.5.4. Description: Zammad, a web-based open-source helpdesk/customer support system, had insufficient validation in its webhook model for loopback or link-local addresses. Only the URL scheme HTTP/HTT...

CVSS 8.3 | AI score 5.8 | EPSS 0.00244
Exploits: 0 | References: 4

Snyk
added 2026/04/02 2:26 a.m. | 1 view

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the setup_free function of the stb_vorbis.c file. An attacker can cause resource exhaustion by triggering repeated or malformed calls to this function remotely, potentially leading t...

CVSS 6.5 | AI score 5.9 | EPSS 0.00439
Exploits: 1 | References: 2

CNNVD
added 2026/03/25 12:0 a.m. | 6 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to cancel pending tasks after clearing deferred_qc, potentially leading to the triggering of...

CVSS 5.5 | AI score 6 | EPSS 0.00122
Exploits: 0 | References: 5

ATTACKERKB
added 2026/03/13 9:38 p.m. | 2 views

CVE-2026-3227

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. The router configuration import function allows an authenticated attacker to upload a crafted configuration file...

CVSS 8.5 | AI score 6.1 | EPSS 0.01102
Exploits: 0 | References: 7

Vulnrichment
added 2026/03/13 9:38 p.m. | 3 views

CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. The router configuration import function allows an authenticated attacker to upload a crafted configuration file...

CVSS 8.5 | AI score 6.1 | EPSS 0.01102
Exploits: 0 | References: 6

Cvelist
added 2026/03/13 9:38 p.m. | 31 views

CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. The router configuration import function allows an authenticated attacker to upload a crafted configuration file...

CVSS 8.5 | EPSS 0.01102
Exploits: 0 | References: 6

CVE
added 2026/03/12 2:22 a.m. | 12 views

CVE-2026-3226

The LearnPress plugin for WordPress (LearnPress – WordPress LMS Plugin) contains CVE-2026-3226: versions up to 4.3.2.8 allow unauthorized email notification triggering due to missing capability checks in the SendEmailAjax class. The AbstractAjax::catch_lp_ajax() dispatcher verifies a wp_rest nonc...

CVSS 4.3 | AI score 5.9 | EPSS 0.002
Exploits: 0 | References: 5

EUVD
added 2026/03/06 3:31 p.m. | 5 views

EUVD-2018-21650

eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application...

CVSS 6.9 | AI score 6.1 | EPSS 0.0012
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004236)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004236 advisory. An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction...

CVSS 5.5 | AI score 6.5 | EPSS 0.00562
Exploits: 1 | References: 7

Tenable Nessus
added 2026/01/08 12:0 a.m. | 5 views

N8n < 2.2.2 Unauthenticated Forged Webhooks

According to its banner, the version of n8n running on the remote host is 0.150 or later and before 2.2.2. It is, therefore, affected by an authentication bypass in the Stripe trigger, allowing unauthenticated parties to trigger workflows by sending forged Stripe webhook events. Note that the...

CVSS 6.5 | AI score 7.4 | EPSS 0.00432
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/19 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-65000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SSH private keys of the Remote alert handlers Linux rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. Th...

CVSS 5.3 | AI score 5.5 | EPSS 0.00182
Exploits: 0 | References: 2