DEBIAN-CVE-2026-11240

Insufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

DEBIAN-CVE-2026-11242

Insufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

RLSA-2026:21755 Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

Linux Distros Unpatched Vulnerability : CVE-2026-11241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege...

SAMSUNG Plus TV 安全漏洞

SAMSUNG Plus TV is a free advertising-supported streaming television platform developed by South Korea’s Samsung Corporation. Versions of SAMSUNG Plus TV prior to 1.0.28.6 contained security vulnerabilities, which were caused by improper input validation. These vulnerabilities could allow remote...

SAMSUNG Members 安全漏洞

Samsung Members is a community platform app developed by South Korea’s Samsung Corporation. Versions of Samsung Members prior to 5.8.01.5 contained security vulnerabilities. These vulnerabilities were due to improper input validation, which could allow local attackers to use Samsung Members...

PT-2026-48345

Summary Every transaction gossiped on the klever-go P2P network is decoded and validated synchronously inside the libp2p pubsub topic-validator callback. The validator txVersionChecker.CheckTxVersion dereferences tx.RawData.Version with no nil check. A protobuf Transaction whose embedded RawData...

Morse Micro HaLowLink 安全漏洞

Morse Micro HaLowLink is a series of long-range wireless gateway devices developed by Morse Micro Corporation. Versions of Morse Micro HaLowLink prior to 2.2.11.13 contained security vulnerabilities. These vulnerabilities stemmed from the use of the IE length field as the size parameter for the...

WordPress plugin Product Slider Pro for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

Linux Distros Unpatched Vulnerability : CVE-2026-11223

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process...

Linux Distros Unpatched Vulnerability : CVE-2026-11244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the render...

ROS-20260605-73-0042

The vulnerability in Tomcat11 is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

ROS-20260605-73-0041

The vulnerability in Tomcat10 is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

ROS-20260605-73-0040

The vulnerability in Tomcat is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Linux Distros Unpatched Vulnerability : CVE-2026-11213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

Empirical Evaluation of Large Language Models for Migration of Code Fragments to Post-Quantum Cryptography

The transition to post-quantum cryptography PQC requires not only replacing vulnerable cryptographic primitives, but also refactoring the surrounding software logic. While existing PQC migration frameworks provide organizational guidance, practical code-level remediation remains largely manual an...

HAXCMS 输入验证错误漏洞

HAXCMS is an open-source content management system developed by HAX The Web. Versions of HAXCMS prior to 26.0.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from unvalidated site creation requests, which could allow authenticated attackers to send...

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. There are...

Altium Enterprise Server 安全漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in Altium Enterprise Server, which stems from improper validation of user-controlled path components. As a result, authenticated users can writ...

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from improper validation of the sessionId parameter by the file manager’s functionality. The identifier controlle...