Lucene search

60017 matches found

Cvelist
added 2026/05/04 5:42 a.m., 38 views

CVE-2026-20451

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...

EPSS 0.00154
Exploits 0, References 1
EUVD
added 2026/05/04 5:42 a.m., 13 views

EUVD-2026-26891

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...

CVSS 6.7, AI score 5.8, EPSS 0.00154
Exploits 0, References 1
ATTACKERKB
added 2026/05/04 5:42 a.m., 2 views

CVE-2026-20451

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...

CVSS 6.7, AI score 5.8, EPSS 0.00154
Exploits 0, References 2
CVE
added 2026/05/04 5:42 a.m., 16 views

CVE-2026-20451

CVE-2026-20451 affects the slbc component. An out-of-bounds write caused by type confusion could enable local privilege escalation to SYSTEM without user interaction. Patch ALPS10828685 (MSV-6504) addresses the issue. Exploitation details are not provided. CVSSv3.1 metrics: AV:L/AC:L/PR:H/UI:N/S:...

CVSS 6.7, AI score 5.8, EPSS 0.00154
Exploits 0, References 1, Affected Software 1
OSV
added 2026/05/04 12:4 a.m., 4 views

OSV-2026-678 UNKNOWN WRITE in ___interceptor_strncpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=508899220 Crash type: UNKNOWN WRITE Crash state: interceptorstrncpy concathashstring ndpisearchsshtcp...

AI score 5.8
Exploits 0, References 1
GithubExploit
added 2026/05/04 12:2 a.m., 91 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Linux Kernel LPE Educational rew...

CVSS 7.8, AI score 6.1, EPSS 0.94016
Exploits 227
CNNVD
added 2026/05/04 12:0 a.m., 8 views

Evolver path traversal vulnerability

Evolver is an intelligent agent-based self-evolution tool developed by EvoMap. Versions of Evolver prior to 1.69.3 contained a path traversal vulnerability. This vulnerability stemmed from issues with path traversal in skill download commands, which could allow attackers to write files to any...

CVSS 8.1, AI score 5.8, EPSS 0.00567
Exploits 0, References 1
CNNVD
added 2026/05/04 12:0 a.m., 7 views

goshs cross-site request forgery vulnerability

Goshs is a simple HTTP server developed by Patrick Hener in Go. Versions of Goshs prior to 2.0.2 contained a cross-site request forgery vulnerability. This vulnerability stemmed from the lack of CSRF token verification in the PUT upload handler. Combined with the unconditional...

CVSS 6.5, AI score 5.9, EPSS 0.00165
Exploits 1, References 2
Tenable Nessus
added 2026/05/04 12:0 a.m., 5 views

RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2018:3537)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3537 advisory. - kibana: Cross-site scripting via the source field formatter CVE-2018-3830 - nodejs: Out of bounds OOB write via UCS-2 encoding...

CVSS 9.8, AI score 7.3, EPSS 0.86978
Exploits 10, References 45
Tenable Nessus
added 2026/05/04 12:0 a.m., 11 views

RHCOS 4 : OpenShift Container Platform 4.14.59 (RHSA-2025:21328)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21328 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 - runc: container escape via...

CVSS 9.1, AI score 7.3, EPSS 0.00682
Exploits 4, References 10
Positive Technologies
added 2026/05/04 12:0 a.m., 6 views

PT-2026-36858

Name of the Vulnerable Software and Affected Versions: PPTAgent versions prior to commit 418491a. Description: An arbitrary file write issue exists in this agentic framework for reflective PowerPoint generation. The flaw occurs through the save generated slides function. Recommendations: Update to...

CVSS 4.6, AI score 5.9, EPSS 0.00198
Exploits 0, References 8
Positive Technologies
added 2026/05/04 12:0 a.m., 4 views

PT-2026-36853

Name of the Vulnerable Software and Affected Versions: Evolver versions prior to 1.69.3. Description: A path traversal issue exists in the skill download fetch command. The --out= flag accepts user-provided paths without proper validation, allowing attackers to write files to arbitrary locations on...

CVSS 8.1, AI score 6, EPSS 0.00567
Exploits 0, References 5
CNNVD
added 2026/05/04 12:0 a.m., 5 views

DIE-engine security vulnerability

DIE-engine is a file type detection and reverse analysis tool developed by the individual developer Hors. Versions of DIE-engine prior to 3.21 contained security vulnerabilities. These vulnerabilities were caused by path traversal attacks, allowing attackers to write arbitrary files into the file...

CVSS 7.8, AI score 6.3, EPSS 0.00168
Exploits 0, References 1
Positive Technologies
added 2026/05/04 12:0 a.m., 8 views

PT-2026-36888

Name of the Vulnerable Software and Affected Versions: Detect-It-Easy versions prior to 3.21. Description: Insufficient path normalization during archive extraction allows attackers to write arbitrary files to the filesystem. By crafting malicious archive entries using absolute paths or relative...

CVSS 7.8, AI score 6.3, EPSS 0.00168
Exploits 0, References 12
Tenable Nessus
added 2026/05/04 12:0 a.m., 9 views

RHEL 9 : thunderbird (RHSA-2026:13533)

The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13533 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-fr...

CVSS 9.8, AI score 6.8, EPSS 0.01052
Exploits 1, References 12
CNNVD
added 2026/05/04 12:0 a.m., 16 views

OpenC3 COSMOS security vulnerability

OpenC3 COSMOS is an open-source application developed by OpenC3. Vulnerabilities exist in versions of OpenC3 COSMOS prior to 6.10.5 and 7.0.0-rc3. These vulnerabilities stem from design flaws in the savetoolconfig function, allowing the ability to save tool configuration files at any position...

CVSS 4.3, AI score 5.9, EPSS 0.00313
Exploits 1, References 1
Positive Technologies
added 2026/05/04 12:0 a.m., 6 views

PT-2026-36769

Name of the Vulnerable Software and Affected Versions: slbc (affected versions not specified). Description: An out-of-bounds write occurs due to type confusion, which is a situation where a program accesses a resource using a type that differs from the type used to create it. This can lead to local...

CVSS 6.7, AI score 5.8, EPSS 0.00154
Exploits 0, References 4
Tenable Nessus
added 2026/05/04 12:0 a.m., 6 views

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:1633)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1633 advisory. - kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via kubectl cp CVE-2019-11246 Note that Nessus has not test...

CVSS 6.5, AI score 7.5, EPSS 0.13164
Exploits 2, References 5
Positive Technologies
added 2026/05/04 12:0 a.m., 6 views

PT-2026-36856

Name of the Vulnerable Software and Affected Versions: PPTAgent versions prior to commit 418491a. Description: An agentic framework for reflective PowerPoint generation allows arbitrary file write and directory creation through the markdown table to image function. Recommendations: Update to commit...

CVSS 4.6, AI score 5.9, EPSS 0.00198
Exploits 0, References 8
Positive Technologies
added 2026/05/04 12:0 a.m., 7 views

PT-2026-38680

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the xfrm-ESP and RxRPC subsystems of the Linux kernel involving unsafe in-place cryptographic processing of shared socket buffer fragments. Specifically, when MSG SPLI...

CVSS 8.8, AI score 6.2, EPSS 0.92165
Exploits 30