411 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-44582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be...
Linux Distros Unpatched Vulnerability : CVE-2026-9969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-9878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
@antv/g6 (>=4.1.0 <=4.1.16), @antv/g6-element (>=0.0.1 <=0.0.16) +10 more potentially affected by unknown CVE via @antv/g6-core (>=0.0.1 <=0.0.9)
@antv/g6-core NPM version =0.0.1, =4.1.0, =0.0.1, =0.0.1, =0.0.1, =1.3.0, =2.0.0, =2.0.6, =0.0.1, =0.0.1, =0.5.85-1, =2.0.64 - motif-jupyter =0.0.1-beta.5 - yccw-common =0.5.85 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3985...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Linux Distros Unpatched Vulnerability : CVE-2026-8542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially...
@alivault/pico (>=0.1.0 <=0.1.2), @argus-vrt/web (=0.1.0) +74 more potentially affected by unknown CVE via @tanstack/react-start (>=1.167.2 <=1.167.65)
@tanstack/react-start NPM version =1.167.2, =0.1.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =1.0.0, =1.0.0, =1.0.3 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3468...
azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-2393 via mlflow-skinny (>=3.0.0 <=3.0.1)
mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-2393 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16642072...
@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +21 more potentially affected by CVE-2026-44001 via vm2 (>=3.0.0 <=3.10.5)
vm2 NPM version =3.0.0, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =1.1.0, =0.2.0, =0.1.64, =0.1.61, =1.66.16, =1.66.16, =1.72.1 and more Source cves: CVE-2026-44001 Source advisory: SNYK:JS-VM2-16438945...
Linux Distros Unpatched Vulnerability : CVE-2026-6531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CVE-2026-6531 Note that Nessus relies on the...
io.crossplane.compositefunctions:crossplane-function-example (>=1.20-alpha <=2.0.5), io.crossplane.compositefunctions:crossplane-function-springboot-starter (>=1.20-alpha <=2.0.5) +19 more potentially affected by CVE-2026-40968 via org.springframework.grpc:spring-grpc-core (>=1.0.0-RC1 <=1.0.2)
org.springframework.grpc:spring-grpc-core MAVEN version =1.0.0-RC1, =1.20-alpha, =1.20-alpha, =2026.01, =0.8.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =1.0.0, =1.0.0, =1.0.2 - org.springframew...
@armenak/aa (=1.0.1), @armenak/ui-kit (>=1.0.0 <=1.0.5) +73 more potentially affected by CVE-2026-41691 via i18next-http-backend (>=3.0.1 <=3.0.4)
i18next-http-backend NPM version =3.0.1, =1.0.0, =1.0.2, =3.12.2-pre.0a3e0d524e, =3.2.9, =3.2.9, =10.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =3.42.3, =3.8.2, =3.7.3, =3.7.11 - @eternal-baguette/sample-component =0.0.3 and more Source cves: CVE-2026-41691 Source advisory:...
Linux Distros Unpatched Vulnerability : CVE-2026-31480
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- -----...
net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by CVE-2026-41238 via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)
org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: CVE-2026-41238 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16132235...
Ubuntu: Security Advisory (USN-8148-6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-34197 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.4)
org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-34197 Source advisory: OSV:GHSA-RXPJ-7QVF-XV3...
Linux Distros Unpatched Vulnerability : CVE-2026-28388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number...