38317 matches found
CVE-2025-36074
IBM Security Verify Directory Container 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could upload malicious files into the system that can be sent to victims for performing further attacks against...
IBM Guardium Key Lifecycle Manager Security Vulnerability
IBM Guardium Key Lifecycle Manager is a key management system provided by IBM that offers capabilities for generating, distributing, and managing encrypted keys. There is a security vulnerability in IBM Guardium Key Lifecycle Manager, which stems from improper permission management. This...
Flowise Code Injection Vulnerability
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.0 contained a code injection vulnerability, which was caused by a lack of input validation in the AirtableAgent.ts file. This vulnerability could lead to remote code...
IBM Guardium Data Protection Code Issue Vulnerability
IBM Guardium Data Protection is a comprehensive data security platform developed by the American company International Business Machines (IBM). There are code-related vulnerabilities in versions 12.0, 12.1, and 12.2 of IBM Guardium Data Protection. These vulnerabilities stem from security...
PT-2026-34830
@HaifeiLi Zero days are numbered, as in CVE-2026-0001, CVE-2026-0002, CVE-2026-0003...
VeRL Permissions, Privileges, and Access Control Vulnerability
VeRL is an open-source reinforcement learning framework developed by ByteDance, aimed at optimizing large model training and inference processes. Versions of VeRL prior to 0.7.0 contained vulnerabilities related to permissions, privileges, and access control. These vulnerabilities stemmed from a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-014265)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014265 advisory. Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow...
PT-2026-34831
@HaifeiLi Zero days are numbered, as in CVE-2026-0001, CVE-2026-0002, CVE-2026-0003...
IBM Security Verify Directory Code Issue Vulnerability
IBM Security Verify Directory is part of an authentication and access management solution from International Business Machines (IBM). A file upload vulnerability exists in IBM Security Verify Directory versions 10.0.0 through 10.0.0.3. The vulnerability stems from an unverified file type and can be...
CVE-2026-5926 Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 uses weaker than expected cryptographic algorithms that could allow an...
CVE-2026-1272
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnerability in the user access control panel...
CVE-2026-1274 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 are affected by CVE-2026-1274, a Bypass Business Logic vulnerability in the access management control panel (CWE-840). The IBM bulletin lists the affected versions and provides version-specific fixes via Fix Central bundles for 12.0, 12.1, and 12....
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
CVE-2026-31498
A flaw was found in the Linux kernel's Bluetooth L2CAP (Logical Link Control and Adaptation Protocol) implementation. A remote attacker could exploit this by sending a malformed configuration request with a zero-valued maximum PDU (Protocol Data Unit) size. This could lead to an infinite loop,...
nimiq-blockchain: Peer-triggerable panic during history sync
Impact: HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber (must be within the macro block being pushed and within the same epoch). During history sync, a peer can influence the history: &HistoricTransaction input passed into...
EUVD-2026-25032
A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR (|) and AND (&) operation...
GHSA-5PV5-XH52-HVRP uutils coreutils has an Incorrect Short Circuit Evaluation Issue
A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR (|) and AND (&) operation...
uutils coreutils has an Incorrect Short Circuit Evaluation Issue
A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR (|) and AND (&) operation...