PT-2026-39145
Name of the Vulnerable Software and Affected Versions: Akamai Guardicore Platform Agent versions 7.0 through 7.3.1; Akamai Zero Trust Client versions 6.0 through 6.1.5; Akamai Guardicore Platform Agent (affected versions not specified). Description: Local privilege escalation is possible on Linux and...
CVE-2026-34354
Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directory. It accepts unauthenticated IPC control messages. This enables a TOCTOU vulnerability in the...
Akamai Guardicore Platform Agent security vulnerability
The Akamai Guardicore Platform Agent is a security agent provided by the American company Akamai. Vulnerabilities exist in versions 7.0 to 7.3.1 of the Akamai Guardicore Platform Agent, as well as in versions 6.0 to 6.1.5 of the Akamai Zero Trust Client. These vulnerabilities stem from local...
PT-2026-39200
Name of the Vulnerable Software and Affected Versions: SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1. Description: Opening a .gpp file causes the language server to parse a companion .vmid file from the same directory. The VMID parser uses XDocument.Load(path) without XmlReaderSettings, which in .NET...
CodeAstro Leave Management System injection vulnerability
The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a vulnerability related to SQL injection, which arises from improper handling of the parameter txtusername in the file/login.php...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the definition of the event loop index field in versions of IPA 5.0 and later. The old...
zrok path traversal vulnerability
Zrok is a secure internet sharing tool developed by OpenZiti. Versions of Zrok prior to 2.0.2 contained a path traversal vulnerability. This vulnerability stemmed from the WebDAV driver’s backend, which restricted path traversal through lexical normalization but did not prevent symbolic links fro...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the bin2hex parameter in the q54sj108a2_debugfs_read function, which leads to a stack buffer...
Securing the Dark Matter: A Semantic-Enhanced Neuro-Symbolic Framework for Supply Chain Analysis of Opaque Industrial Software
Automated vulnerability detection in critical-infrastructure software confronts a fundamental barrier: industrial software is routinely deployed as stripped, symbol-free binaries that deprive conventional Software Composition Analysis of the source-level transparency it requires. Existing binary...
PT-2026-38974
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zero vruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zero vruntime tracking". The combination of yield and...
PT-2026-39219
Name of the Vulnerable Software and Affected Versions: Termix versions prior to 2.1.0. Description: Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The 'extractArchive' and 'compressFiles' endpoints in file-manager.ts use double-quot...
PT-2026-39244
Name of the Vulnerable Software and Affected Versions: Gitsign versions 0.4.0 through 0.14.x. Description: In the CertVerifier.Verify function within pkg/git/verifier.go, the software unconditionally dereferences the first element of a certificate slice, certs[0], after calling sd.GetCertificates withou...
PT-2026-39015
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A division by zero issue exists in the set_samp_freq function within the hx9023s proximity driver of the Industrial I/O (IIO) subsystem. This occurs when the sampling frequency is...
PT-2026-39069
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Ceph component of the Linux kernel where the ceph_mdsc_build_path function is called without a zero-initialized ceph_path_info parameter. Because ceph_mdsc_build_pat...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the conn_timeout value being less than 4 in the tipc_sk_filter_connect function, leading to a zero...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which may lead to a zero-division error when the sampling frequency is not specified...
Linux Distros Unpatched Vulnerability : CVE-2026-42150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wlc is a Weblate command-line client using Weblate's REST API. Prior to version 2.0.0, the HTML output format in wlc embeds API response data into HTML without...
PT-2026-38713
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
PT-2026-39235
Name of the Vulnerable Software and Affected Versions: Wagtail versions prior to 7.0.7; Wagtail versions prior to 7.3.2. Description: Improper permission handling allows a CMS user with limited page access to copy a page they are not authorized to access to a site area where they do have permissions...