CVE-2026-41015

radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git not a release, the date range for the vulnerable code was less than a week, occurring after 6.1.2 but before 6.1...

CVE-2025-31972

HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components...