Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14273)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

OpenClaw has an unspecified vulnerability (CNVD-2026-13383)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that stems from the fact that under iMessage groupPolicy=allowlist, the identity of the sender from the DM pairing store can satisfy the group authorization, which can be exploited by an...

Elevation of Privilege Vulnerability in Multiple Apple Products (CNVD-2026-14475)

Apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. apple macOS is a specialized operating system developed for Mac computers. An elevation of privilege vulnerability exists in multiple Apple products and is due to a race condition in the CoreServices...

OpenClaw path traversal vulnerability (CNVD-2026-13427)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability. The vulnerability stems from the Feishu extension that allows sendMediaFeishu to treat an attacker-controlled mediaUrl value as a local file system path and read it...

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14483)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A security vulnerability exists in several Apple products that can be exploited by an attacker to cause an app to recognize other apps install...

Microsoft Windows Kernel Competitive Conditions Vulnerability

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. A competitive condition vulnerability exists in Microsoft Windows Kernel. The vulnerability stems from a competitive condition in the kernel's handling of certain operations and can be...

OpenClaw OS Command Injection Vulnerability (CNVD-2026-13373)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability that stems from the failure of maintainer/developer scripts/update-clawtributors.ts to properly filter construct command special characters, commands...

Apache Shiro Authentication Bypass Vulnerability

Apache Shiro is the United States Apache Apache Foundation set of Java security framework for performing authentication, authorization, encryption and session management . An authentication bypass vulnerability exists in Apache Shiro versions prior to 2.0.7. The vulnerability stems from an...

OpenClaw has an unspecified vulnerability (CNVD-2026-13376)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a security vulnerability that stems from logging not desensitizing Telegram bot tokens, which can be exploited by an attacker to cause token disclosure...

Unspecified Vulnerability in Mozilla Firefox for iOS (CNVD-2026-19942)

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS, which can be exploited by an attacker to cause the address bar and page content to be out of sync, allowing the attacker to forge...

WordPress plugin Aardvark cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Aardvark has a cross-site scripting vulnerability, the vulnerability stems fro...

Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14492)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products and is caused by a logic issue in a kerne...

Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14284)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the timedaccess.cgi endpoint MACHINES parameter on the user-supplied data lack of effective filtering and escaping , an...

Microsoft GitHub Copilot for JetBrains Command Injection Vulnerability

Microsoft GitHub Copilot for JetBrains is an AI programming assistant plugin from Microsoft USA that can be installed in various IDEs produced by JetBrains. A command injection vulnerability exists in Microsoft GitHub Copilot for JetBrains. The vulnerability stems from the application failing to...

Adobe After Effects suffers from an out-of-bounds read vulnerability (CNVD-2026-12689)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...

Zyxel EX3510-B0 UPnP command injection vulnerability

The Zyxel EX3510-B0 is a Gigabit Ethernet switch produced by Zyxel Technology. The Zyxel EX3510-B0 UPnP device has a command injection vulnerability related to UPnP SOAP requests. This vulnerability stems from incorrect filtering of input parameters, allowing remote attackers to execute arbitrary...

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14485)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logging issue in the Game Center component wh...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14481)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14482)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14484)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14487)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products and is caused due to an error in the...

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14495)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products and is caused due to an issue in...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14279)

Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a set of operating systems developed for mobile devices.Apple macOS is a set of specialized operating systems developed specifically for Mac computers.Apple Safari is a we...

Microsoft Outlook Information Disclosure Vulnerability (CNVD-2026-12557)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

Microsoft Excel Buffer Overflow Vulnerability (CNVD-2026-12552)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel. The vulnerability stems from the program's failure to properly validate the length and size of input data, which can be exploited by an attacker ...

IBM Concert has a weak cryptographic algorithm vulnerability

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform, announced by International Business Machines IBM Corporation at the IBM Think conference in Boston, USA. A weak cryptographic algorithm vulnerability exis...

IBM Concert Information Disclosure Vulnerability (CNVD-2026-13786)

IBM Concert is IBM's software platform for orchestrating and managing enterprise-class applications. An information disclosure vulnerability exists in IBM Concert. An attacker could exploit this vulnerability to steal sensitive information via a man-in-the-middle attack...

IBM Concert Cross-Site Scripting Vulnerability (CNVD-2026-13785)

IBM Concert is IBM for the Z platform integrated Web services framework. A cross-site scripting vulnerability exists in IBM Concert. An attacker can exploit this vulnerability to inject arbitrary JavaScript code to tamper with the functionality of the web interface, resulting in the disclosure of...

Apache Superset Input Validation Vulnerability

Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...

Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12868)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12869)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

Adobe After Effects Type Obfuscation Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A type confusion vulnerability exists in Adobe After Effects, which can be...

Microsoft Defender for Linux Code Execution Vulnerability

Microsoft Defender for Linux is Microsoft's own antivirus security software. A security vulnerability exists in Microsoft Defender for Linux that originates from improper input validation and can be exploited by remote attackers to execute arbitrary code...

Adobe After Effects Buffer Overflow Vulnerability (CNVD-2026-12870)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A buffer overflow vulnerability exists in Adobe After Effects, which can be...

Adobe After Effects Resource Management Error Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

Adobe DNG SDK Buffer Overflow Vulnerability

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. A buffer overflow vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an...

Advantech WISE-6610 OS Command Injection Vulnerability

Advantech WISE-6610 is a core gateway device from Advantech, Taiwan, China. The Advantech WISE-6610 suffers from an operating system command injection vulnerability that originates from a misuse of the parameter deletefile in the file /cgi-bin/luci/admin/openvpnapply, which can be exploited by an...

Adobe After Effects Input Validation Error Vulnerability (CNVD-2026-12866)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An input validation error vulnerability exists in Adobe After Effects, whic...

Adobe Audition Buffer Overflow Vulnerability (CNVD-2026-14505)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product is mainly used to include multi-track, waveforms and spectral display of the perfect toolset for audio content mixing, editing and creation. A buffer overflow vulnerability exists in Adobe...

Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-14504)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance3D Designer, which can be exploited by an attacker to execute arbitrary code in the current user environment...

Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2026-14506)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from an out-of-bounds read...

Adobe Substance3D Designer Out-of-Bounds Write Vulnerability

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. Adobe Substance3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's context...

Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-12875)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...

Adobe Substance3D Designer Buffer Overflow Vulnerability (CNVD-2026-12872)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...

Adobe Audition Buffer Overflow Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A buffer overflow vulnerability exists in Adobe Audition,...

Adobe Substance3D Designer Out-of-Bounds Read Vulnerability (CNVD-2026-17719)

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause memory exposure and sensitive information disclosure...

Adobe Audition out-of-bounds write vulnerability (CNVD-2026-14508)

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from an out-of-bounds write...

Adobe Substance3D Designer Code Issue Vulnerability

Adobe Substance3D Designer is a texture and material creation software from the American company Audobee Adobe. A code issue vulnerability exists in Adobe Substance3D Designer, which can be exploited by attackers to cause a denial of service in the application...

Adobe Audition Denial of Service Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Audobee Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. Adobe Audition suffers from a denial of service vulnerabili...

Apache Druid Authentication Bypass Vulnerability

Apache Druid is the United States Apache Apache Foundation of a use of the Java language , written in column-oriented open source distributed database . Apache Druid has a security vulnerability that originates from improper validation of LDAP authentication responses, which could lead to...