CVE-2026-33565

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

CVE-2026-28733

in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...

SUSE CVE-2026-8404

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

CVE-2026-24574

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

UBUNTU-CVE-2026-41074

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery CSRF vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

EUVD-2026-31506

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery CSRF vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

CVE-2026-28751

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

CVE-2026-27648

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...

CVE-2026-25781

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...

CVE-2026-27781

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

EUVD-2026-30834

in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...

CVE-2026-27766 multimedia_audio_framework has a Race Condition vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...

CVE-2026-25850

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...

EUVD-2026-30831

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...

EUVD-2026-30832

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...

OpenHarmony 缓冲区错误漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony 6.0 and earlier contained a buffer error vulnerability. Attackers could exploit this vulnerability to cause denial-of-service attacks that were irreversible...

Revive Adserver: PHP code injection via unexpected delivery limitation parameter

A vulnerability was reported in Revive Adserver 6.0.6 and earlier versions where user input was not properly validated when saving delivery limitations. This allowed a low-privileged user to inject malicious PHP code into the compiledlimitations field, which could then be executed during banner...

CVE-2026-42444

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...

SUSE-SU-2026:21547-1 Security update for strongswan

This update for strongswan fixes the following issues: Update to version 6.0.6 jscPED-16145. Security issued fixed: - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: NULL pointer dereference when processing padding in PKCS7 bsc1261717. -...