CVE-2026-45661

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote serve...

SUSE CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

EUVD-2026-33845

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

EUVD-2026-33810

In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Samba SMB Printer Share Utility Share Enumeration / File Access Testing Tool

This Python utility is a lightweight SMB interaction tool designed for enumerating Samba/Windows shares, identifying printer-related shares, testing write permissions, and uploading files to accessible SMB resources. It's written to target versions 4.22.10, 4.23.8 and 4.24.3...

PT-2026-45847

Name of the Vulnerable Software and Affected Versions glp versions prior to 11.0.7 Description An unauthenticated user with write access to the knowledge base can store a Cross-Site Scripting XSS payload in a knowledge base item. XSS is a type of security flaw where malicious scripts are injected...

SUSE SLES15 Security Update : kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2199-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2199-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.78 fixes various security issues The following security issues were fixed: -...

PT-2026-46607

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker to perform an out of bounds memory write by using a crafted video file. An out of bounds memory write occur...

SUSE SLES12 Security Update : kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2178-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2178-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: -...

PT-2026-45697

These are all security issues fixed in the sshfs-3.7.6-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-45871

Name of the Vulnerable Software and Affected Versions openSeaChest version 26.03.0 Description An out of bounds write occurs during the Trim/Unmap operation in openSeaChest. This issue allows for writing 16 bytes of extra memory outside of the allocated space when describing a range of Logical...

PT-2026-45768

Name of the Vulnerable Software and Affected Versions Amazon Kiro IDE versions prior to 0.11 Description Insufficient access control restrictions in the file write tool allow remote unauthenticated actors to execute arbitrary commands. This is achieved by using crafted instructions to write to...

PT-2026-45794

Name of the Vulnerable Software and Affected Versions Spacelabs Healthcare Sentinel versions 10.5.x and higher Spacelabs Healthcare Sentinel versions prior to 11.6.0 Description An unauthenticated remote code execution issue exists via a deprecated .NET Remoting HTTP channel exposed on port 8989...

PT-2026-46700

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in V8, the JavaScript and WebAssembly engine. This allows a remote attacker who has already compromised the renderer process to execute arbitrary code with...

PT-2026-46436

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in ANGLE, which is a compatibility layer that allows OpenGL ES to run on various graphics APIs. This issue allows a remote attacker to potentially exploit...

SUSE SLES12 Security Update : kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2137-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2137-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.258 fixes various security issues The following security issues were fixed: -...

From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents

Memory is a core component of AI agents, enabling them to accumulate knowledge across interactions and improve performance. However, persistent memory introduces the risk of memory poisoning, where a single adversarial memory write can exert long-term influence over agent behavior. We present a...

PT-2026-45877

Name of the Vulnerable Software and Affected Versions openSeaChest version 25.05.3 Description An out-of-bounds write exists in the --showSupportedFormats command. This occurs when a maliciously crafted NVMe device provides a bogus value in the namespace FLBAS byte, allowing one extra byte to be...

PT-2026-45745

Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directo...

PT-2026-45750

Name of the Vulnerable Software and Affected Versions Gleam versions 1.16.0 through 1.17.0 Description A path traversal issue exists in the handling of custom documentation pages. The documentation.pages entries within the gleam.toml file are incorporated into filesystem paths without sufficient...