CVE-2026-1698

A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote attacker to inject harmful payloads that manipulate server-side behavior. This vulnerability only affects the endpoints...

CVE-2026-1698 HTTP Host header vulnerability in WebClient and WebScheduler web apps

A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote attacker to inject harmful payloads that manipulate server-side behavior. This vulnerability only affects the endpoints...

CVE-2026-1698

CVE-2026-1698 affects PcVue WebClient and WebScheduler web apps (versions 15.0.0–16.3.3). A HTTP Host header vulnerability could let an attacker craft requests that influence server-side behavior, specifically targeting endpoints /Authentication/ExternalLogin, /Authentication/AuthorizationCodeCal...

CVE-2026-25087 Apache Arrow: Potential use-after-free when reading IPC file with pre-buffering

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

Frappe Technologies Frappe 路径遍历漏洞

Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A path traversal vulnerability exists in Frappe Technologies Frappe versions 14.99.5 and earlier and versions 15.0.0 through 15.80.1, which stems from a...

org.keycloak:keycloak-guides (>=15.1.0 <=15.1.1), org.keycloak:keycloak-guides-maven-plugin (>=15.1.0 <=15.1.1) +3 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=15.0.0 <=15.1.1)

org.keycloak:keycloak-quarkus-server MAVEN version =15.0.0, =15.1.0, =15.1.0, =15.1.0, =15.0.0, =15.0.0, =15.1.1 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...

Visual Studio 2017 Security Update (15.9.79)

This security update applies to all editions of Visual Studio 2017 between versions 15.0.0 and 15.9.78, and will update client machines to version 15.9.79. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order...