161952 matches found

Cvelist | added yesterday | 26 views

CVE-2026-8659 OS Command Injection in Rapid7 InsightConnect SQLmap Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the apihost or apiport parameters during connection configuration due to insufficient input validation...

CVSS 6 | EPSS 0.00729
Exploits 0 | References 1
EUVD | added yesterday | 7 views

EUVD-2026-39152

OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the apihost or apiport parameters during connection configuration due to insufficient input validation...

CVSS 6 | AI score 6.2 | EPSS 0.00729
Exploits 0 | References 1
RedHat Linux | added yesterday | 7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 | AI score 5.8 | EPSS 0.0052
Exploits 0 | References 8
RedHat Linux | added yesterday | 5 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for...

CVSS 7.5 | AI score 5.9 | EPSS 0.00349
Exploits 0 | References 8
RedHat Linux | added yesterday | 9 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 9.1 | AI score 5.9 | EPSS 0.0052
Exploits 0 | References 7
CISA KEV Catalog | added yesterday | 6 views

PTC Windchill and FlexPLM Improper Input Validation Vulnerability

PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network...

CVSS 9.8 | AI score 6.3 | EPSS 0.00499
In wild | Exploits 0
NVD | added 2 days ago | 6 views

CVE-2026-9776

ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ATEN Unizon. Authentication is not required to exploit this vulnerability. The specific fl...

CVSS 7.5 | EPSS 0.0158
Exploits 0 | References 2
NVD | added 2 days ago | 5 views

CVE-2026-55759

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT signatures but skips claims validation. Any Apple-signed JWT with a non-empty iss is accepted...

CVSS 7.4 | EPSS 0.00243
Exploits 0 | References 1
NVD | added 2 days ago | 5 views

CVE-2026-53766

Chrome DevTools for agents (chrome-devtools-mcp) lets your coding agent control and inspect a live Chrome browser. From 0.24.0 until 1.1.0, McpContext.validatePath enforces workspace roots by checking whether path.resolve(filePath) textually falls under one of the configured root paths. path.resolve...

CVSS 6.1 | EPSS 0.00131
Exploits 1 | References 1
Cvelist | added 2 days ago | 14 views

CVE-2026-9775 ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability

ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL...

CVSS 5.5 | EPSS 0.01157
Exploits 0 | References 2
Cvelist | added 2 days ago | 13 views

CVE-2026-9774 ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability

ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVSS 5.5 | EPSS 0.01157
Exploits 0 | References 2
CVE | added 2 days ago | 8 views

CVE-2026-9772

Unraid Web Server FileUpload Command Injection (CVE-2026-9772) allows authenticated attackers to execute arbitrary code on affected installations via a crafted FileUpload.php input, executing a system call as www-data. Root cause: insufficient validation of a user-supplied string before a system ...

CVSS 8.8 | AI score 7.8 | EPSS 0.01114
Exploits 0 | References 1 | Affected Software 1
CVE | added 2 days ago | 7 views

CVE-2026-47110

Tiptap for PHP before version 2.1.1 contains an input validation vulnerability: if attrs.href is submitted as an array in Tiptap JSON, Link::isAllowedUri() can trigger an unhandled TypeError during preg_match(), crashing the server-side HTML rendering pipeline for all subsequent viewers of that r...

CVSS 7.1 | AI score 5.9 | EPSS 0.00305
Exploits 0 | References 4
NVD | added 2 days ago | 4 views

CVE-2026-13208

A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity namespace/name solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI...

CVSS 6.5 | EPSS 0.00094
Exploits 0 | References 2
CVE | added 2 days ago | 7 views

CVE-2026-55759

Rocket.Chat Apple Sign-In had a JWT claims validation bypass prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13. Any Apple-signed JWT with a non-empty iss could be accepted regardless of aud, exp, nbf, or nonce, enabling replay authentication if an attacker obtains a user’s identity t...

CVSS 7.4 | AI score 5.9 | EPSS 0.00243
Exploits 0 | References 1
CVE | added 2 days ago | 9 views

CVE-2026-46423

Rocket.Chat prior to versions 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11 contains a SAML SP issue where the verifySignatures routine returns early if serviceProviderOptions.cert is falsy, causing silent skip of SAML Response and Assertion signature validation when the IdP certi...

CVSS 9.3 | AI score 5.9 | EPSS 0.00149
Exploits 0 | References 1
RedhatCVE | added 2 days ago | 7 views

CVE-2026-52914

A flaw was found in the Linux kernel's batman-adv component. This vulnerability allows a local attacker to cause a denial of service (DoS) by sending malformed fragment chains. The flaw is due to incorrect accounting of fragment reassembly length, which can be truncated during updates, bypassing...

AI score 5.8 | EPSS 0.00178
Exploits 0 | References 4
RedhatCVE | added 2 days ago | 6 views

CVE-2026-52927

A flaw was found in the Linux kernel's netfilter ebtables component. The compat_mtw_from_user function, responsible for converting ebtables extensions, does not properly validate user-supplied sizes for match or target extensions. An attacker providing a size smaller than expected by an extension ca...

CVSS 5.5 | AI score 5.8 | EPSS 0.00164
Exploits 0 | References 4
EUVD | added 2 days ago | 3 views

EUVD-2026-39087

A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity namespace/name solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI...

CVSS 6.5 | AI score 5.8 | EPSS 0.00094
Exploits 0 | References 2
RedhatCVE | added 2 days ago | 4 views

CVE-2026-13208

A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity namespace/name solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI...

CVSS 6.5 | AI score 5.8 | EPSS 0.00094
Exploits 0 | References 3