ROS-20260605-73-0002

The vulnerability in ImageMagick is related to insufficient control over resources during its existence. Exploiting this vulnerability can allow an attacker to cause a service failure...

exploit-validator

$repo Production-grade offensive security tool for Purpose...

CVE-2026-10796

Vulnerability summary (CVE-2026-10796) : nvm (Node Version Manager)

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

EUVD-2026-34292

A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kvcatalog.go of the component Grantee ID Hash Handler. The manipulation leads to use of weak hash. The attack needs to be performed locally. The...

CVE-2026-10802

The CVE-2026-10802 impact is in keystonejs keystone’s GraphQL API Endpoint, specifically in packages/core/src/lib/core/queries/output-field.ts. The vulnerability arises from a manipulation that causes resource consumption and can be exploited remotely. Public exploitation is reported, and a fix i...

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

DEBIAN-CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

UBUNTU-CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

CVE-2026-10805

Summary : CVE-2026-10805 concerns NetworkManager’s dhclient backend, which may misprocess malformed MUD URLs to enable local privilege escalation. What’s affected : NetworkManager (dhclient backend); only when administrator explicitly configures NetworkManager to use dhclient. Default configurati...

CVE-2026-10805 Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

EUVD-2026-34207

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

CVE-2026-10805 Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

CVE-2026-49188

CVE-2026-49188 affects a component where the ai_cmd utility runs with root privileges and pipes socket inputs directly to popen(), enabling unauthenticated users to execute arbitrary root commands. The available sources explicitly state elevated root command execution via ai_cmd sockets, with CVS...

CVE-2026-49188 Elevated Root Command Execution via ai_cmd Sockets

The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...

CVE-2026-49188

The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...

SUSE CVE-2026-10705

A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...

SUSE CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...