CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2026-12308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12308...

CVE-2026-46944

Technical details (affected product, vulnerable component, impact, remediation) are not publicly available in the provided documents. Monitor for updates from Oracle and CVE feeds.

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-2272)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 Tenable has...

CVE-2026-10971

An insufficient validation of untrusted input flaw was found in the Printing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513005991...

Linux Distros Unpatched Vulnerability : CVE-2026-11074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

Linux Distros Unpatched Vulnerability : CVE-2026-42496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar...

PT-2026-42469

Name of the Vulnerable Software and Affected Versions Apex One/SEP agent affected versions not specified Description An origin validation error in the process protection mechanism allows a local attacker to escalate privileges. To exploit this issue, the attacker must first have the ability to...

CVE-2018-6400

creationtimestamp| type| source ---|---|--- 2026-05-13 20:00:00+00:00| seen| https://jvn.jp/en/jp/JVN14434132...

CVE-2026-40067 BIG-IP APM Vulnerability

When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

@tanstack/solid-start (>=1.121.0-alpha.28 <=1.167.62) potentially affected by CVE-2026-45321 via @tanstack/solid-start-client (>=1.121.0-alpha.28 <=1.166.5)

@tanstack/solid-start-client NPM version =1.121.0-alpha.28, =1.121.0-alpha.28, =1.167.62 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKSOLIDSTARTCLIENT-16640233...

@akemona-org/strapi-connector-mongoose (>=3.13.0 <=3.17.2), @andybeat/clothingshop-nestjs (>=2.9.0 <=2.12.0) +87 more potentially affected by CVE-2026-42334 via mongoose (>=8.0.0 <=8.21.0)

mongoose NPM version =8.0.0, =3.13.0, =2.9.0, =0.10.18, =0.10.21, =1.3.5, =3.8.0, =1.0.1, =8.10.0, =0.8.7, =1.0.1, =1.5.1, =1.12.42, =7.0.0, =0.0.1-20250418035022-6dadadb.0, =0.6.0, =0.11.0 and more Source cves: CVE-2026-42334 Source advisory: SNYK:JS-MONGOOSE-16425765...

BELL-CVE-2026-43057

Bulletin has no description...

BELL-CVE-2026-43049

Bulletin has no description...

GHSA-MP3R-6558-HVG8 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-aws, linux-qemu, linux-gcp...

GHSA-Q49F-XG75-M9XW vulnerabilities

Vulnerabilities for packages: wizer, yara-x, wasmcloud, zed...

Linux Distros Unpatched Vulnerability : CVE-2026-6753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

CVE-2026-32955

creationtimestamp| type| source ---|---|--- 2026-04-19 19:30:00+00:00| seen| https://jvn.jp/en/vu/JVNVU94271449 2026-04-20 05:17:09+00:00| seen| Telegram/oT3io0aR7EQyKUnAhTuUuKTmw-PFwRgwwLAn7oSA51QT1kY 2026-04-20 06:00:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjvs3zrp3e2c...

CVE-2026-40118

creationtimestamp| type| source ---|---|--- 2026-04-15 20:00:00+00:00| seen| https://jvn.jp/en/jp/JVN88396700...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...