60209 matches found

Vulnrichment
added 2026/04/30 7:58 a.m. | 4 views

CVE-2026-42512 Remotely triggerable out-of-bounds heap write in dhclient

As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun. A specially crafted packet can cause dhclient to...

AI score 6 | EPSS 0.01423
Exploits 0 | References 1

GithubExploit
added 2026/04/30 7:41 a.m. | 148 views

Exploit for CVE-2026-31431

CVE-2026-31431 — "Copy Fail" Research Repository !Severity:...

CVSS 7.8 | AI score 5.7 | EPSS 0.96775
Exploits 228

GithubExploit
added 2026/04/30 3:41 a.m. | 97 views

Exploit for Out-of-bounds Read in Linaro Op-Tee

CVE-2026-33317 OP-TEE PKCS11 PoC This repository contains th...

CVSS 8.7 | AI score 5.8 | EPSS 0.00183
Exploits 2

GithubExploit
added 2026/04/30 3:22 a.m. | 161 views

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Detection & Response Package P...

CVSS 7.8 | AI score 6 | EPSS 0.96775
Exploits 228

GithubExploit
added 2026/04/30 1:47 a.m. | 120 views

Exploit for CVE-2026-31431

Copy-Fail Exploit CVE-2026-31431 Local privilege escalation...

CVSS 7.8 | AI score 5.6 | EPSS 0.96775
Exploits 228

ATTACKERKB
added 2026/04/30 12:0 a.m. | 2 views

CVE-2026-36760

An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled...

CVSS 9.6 | AI score 5.7 | EPSS 0.00383
Exploits 0 | References 3

EUVD
added 2026/04/30 12:0 a.m. | 4 views

EUVD-2026-26401

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers to write arbitrary files to any writeable path via a crafted POST request...

CVSS 10 | AI score 5.5 | EPSS 0.00412
Exploits 0 | References 2

CNNVD
added 2026/04/30 12:0 a.m. | 7 views

Exim Buffer Error Vulnerability

Exim is an open-source message transfer agent (MTA) developed by Exim Software. It operates on Unix-based systems and is primarily responsible for routing, forwarding, and delivering emails. Prior to Exim 4.99.2, there was a buffer error vulnerability. This vulnerability stemmed from the JSON...

CVSS 9.8 | AI score 6.2 | EPSS 0.00321
Exploits 0 | References 1

CVE
added 2026/04/30 12:0 a.m. | 10 views

CVE-2026-36767

shopizer 3.2.5 is affected by a path traversal vulnerability in the /content/images/add endpoint that allows an attacker to write arbitrary files to any writable path via a crafted POST request. This is a high-impact issue (CVSS v3.1: 10.0, critical, network access, no authentication, user intera...

CVSS 10 | AI score 5.6 | EPSS 0.00412
Exploits 0 | References 2

Cvelist
added 2026/04/30 12:0 a.m. | 33 views

CVE-2026-36760

An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled...

EPSS 0.00383
Exploits 0 | References 2

Cvelist
added 2026/04/30 12:0 a.m. | 49 views

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVSS 6.5 | EPSS 0.00321
Exploits 0 | References 4

EUVD
added 2026/04/30 12:0 a.m. | 5 views

EUVD-2026-26396

An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations...

AI score 5.6 | EPSS 0.00435
Exploits 0 | References 2

Positive Technologies
added 2026/04/30 12:0 a.m. | 4 views

PT-2026-36133

Name of the Vulnerable Software and Affected Versions: shopizer version 3.2.5. Description: A path traversal issue in the '/content/images/add' endpoint allows attackers to write arbitrary files to any writable path using a crafted POST request. Path traversal is a technique that allows an attacker ...

CVSS 10 | AI score 5.9 | EPSS 0.00412
Exploits 0 | References 10

Vulnrichment
added 2026/04/30 12:0 a.m. | 1 view

CVE-2026-36767

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers to write arbitrary files to any writeable path via a crafted POST request...

AI score 5.6 | EPSS 0.00412
Exploits 0 | References 2

Positive Technologies
added 2026/04/30 12:0 a.m. | 10 views

PT-2026-36175

Name of the Vulnerable Software and Affected Versions: Secure Access Windows client versions prior to 14.50. Description: An arbitrary read/write issue exists where attackers with local control of the Windows client can send malformed data to an API to elevate their privileges to system level...

CVSS 8.5 | AI score 5.9 | EPSS 0.00104
Exploits 0 | References 5

CNNVD
added 2026/04/30 12:0 a.m. | 9 views

Absolute Secure Access Buffer Error Vulnerability

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge (SSE) services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a buffer error vulnerability. This vulnerability could lead to...

CVSS 8.5 | AI score 6.1 | EPSS 0.00104
Exploits 0 | References 1

Positive Technologies
added 2026/04/30 12:0 a.m. | 6 views

PT-2026-36189

IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...

CVSS 6.5 | AI score 5.5 | EPSS 0.00275
Exploits 0 | References 2

ATTACKERKB
added 2026/04/30 12:0 a.m. | 6 views

CVE-2026-40687

In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory...

CVSS 9.8 | AI score 5.2 | EPSS 0.00373
Exploits 0 | References 6

Cvelist
added 2026/04/30 12:0 a.m. | 27 views

CVE-2026-36762

An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations...

EPSS 0.00435
Exploits 0 | References 2

CNNVD
added 2026/04/30 12:0 a.m. | 8 views

JeeSite Path Traversal Vulnerability

JeeSite is a Java rapid development platform open-sourced by Zhuo Yuan thinkgem in Jinan, China. Version 5.15.1 of JeeSite contains a path traversal vulnerability. This vulnerability stems from an issue with the fileEntityId parameter in the /a/file/upload endpoint. It could allow authenticated...

CVSS 8.8 | AI score 5.9 | EPSS 0.00435
Exploits 0 | References 1