366532 matches found

CVE | added 2026/06/08 6:26 p.m. | 20 views

CVE-2026-10786

CVE-2026-10786 affects Devolutions Server 2026.2.4.0 and 2026.1.20.0 and earlier. The issue is improper access control in the ticketing integration settings that allows an authenticated low-privilege user to obtain cleartext credentials for configured ticketing integrations via a crafted API requ...

CVSS 6.5 | AI score 5.5 | EPSS 0.00148
Exploits: 0 | References: 1 | Affected Software: 1

CVE | added 2026/06/08 6:24 p.m. | 26 views

CVE-2026-52778

YesWiki (PHP-based wiki) exposes a vulnerability in the Bazar form field calculator (CalcField.php) present before version 4.6.6. The code attempts to sanitize user-defined mathematical formulas using a complex recursive regex prior to passing them to PHP eval(), creating a surface for Regular Ex...

CVSS 9.8 | AI score 6 | EPSS 0.00561
Exploits: 0 | References: 3

CVE | added 2026/06/08 6:15 p.m. | 20 views

CVE-2026-11557

The CVE-2026-11557 entry describes a vulnerability in Tenda F451 firmware (versions 1.0.0.7/1.0.0.9) affecting the Web Management Interface. The issue is in the function fromNatlimit in /goform/Natlimit, where manipulating the argument page can trigger a stack-based buffer overflow. The attack is...

CVSS 9 | AI score 6.2 | EPSS 0.00476
Exploits: 0 | References: 6

CVE | added 2026/06/08 6:0 p.m. | 26 views

CVE-2026-11556

Affected product: Tenda F451 routers (firmware 1.0.0.7/1.0.0.9). Vulnerable component: Web Management Interface, function formWriteFacMac in /goform/WriteFacMac. Root cause: parameter manipulation of mac leads to OS command injection. Impact: remote code execution with high severity (network vect...

CVSS 9 | AI score 5.2 | EPSS 0.01614
Exploits: 0 | References: 6

CVE | added 2026/06/08 5:45 p.m. | 26 views

CVE-2026-11555

CVE-2026-11555 affects D-Link DGS-1100-08PD (firmware 1.00.006). The Web Interface component processes /etc/boa.conf in an unknown way, leading to a least-privilege violation. The issue can be exploited remotely with high complexity; exploits are publicly available. No remediation details are pro...

CVSS 7.5 | AI score 5 | EPSS 0.00405
Exploits: 0 | References: 6 | Affected Software: 1

CVE | added 2026/06/08 5:30 p.m. | 21 views

CVE-2026-11554

CVE-2026-11554 affects TOTOLINK CP450 4.1.0cu.747. The vulnerability targets unknown code in the vsftpd component, specifically the /etc/vsftpd.conf file, and results in a least privileged access violation. The attack may be initiated remotely, and public exploit details exist. Current documents ...

CVSS 5.3 | AI score 5.2 | EPSS 0.00206
Exploits: 0 | References: 6

CVE | added 2026/06/08 5:21 p.m. | 43 views

CVE-2026-8913

The CVE affects Archer MR600 v5, specifically the WireGuard client configuration exposed via the web management interface. It enables command injection through improper neutralization of user-controlled input when applying configuration changes. An authenticated administrator can execute arbitrar...

CVSS 8.5 | AI score 6 | EPSS 0.00907
Exploits: 0 | References: 3

CVE | added 2026/06/08 5:15 p.m. | 24 views

CVE-2026-11553

Vulnerability (CVE-2026-11553) affects Tenda HG7HG9 and HG10 models (firmware variant 300001138_en_xpon). The flaw is in the function formPPPEdit in /boaform/formPPPEdit: manipulating the argument encodename causes a stack-based buffer overflow. The issue can be exploited remotely, and public exp...

CVSS 9 | AI score 6.2 | EPSS 0.00477
Exploits: 0 | References: 7

CVE | added 2026/06/08 5:0 p.m. | 20 views

CVE-2026-11552

The CVE-2026-11552 vulnerability affects SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. The issue concerns an unknown functionality in the file import_users.php, where manipulating the raw_password argument with t...

CVSS 6.9 | AI score 5.2 | EPSS 0.00286
Exploits: 0 | References: 5

CVE | added 2026/06/08 4:53 p.m. | 19 views

CVE-2026-45581

CVE-2026-45581 affects fabric-chaincode-java (Hyperledger Fabric chaincode runtime). In versions 2.3.1 through 2.5.09, when deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server’s INFO logs include the TLS private key password in plaintext, enabling an attacker with log a...

CVSS 5.5 | AI score 5.4 | EPSS 0.00106
Exploits: 0 | References: 1

CVE | added 2026/06/08 4:53 p.m. | 32 views

CVE-2026-25555

OpenBullet2 (

CVSS 9.8 | AI score 5.5 | EPSS 0.01509
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:52 p.m. | 21 views

CVE-2026-25559

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 8.8 | AI score 6.4 | EPSS 0.00566
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:51 p.m. | 30 views

CVE-2026-46481

OpenMetadata 1.12.1 is affected by a vulnerability in the TEST_CONNECTION workflow (POST /api/v1/automations/workflows) where a non-admin SSO user can trigger a TEST_CONNECTION and receive both the cleartext database password in the response and a valid ingestion-bot JWT in openMetadataServerConn...

CVSS 8.3 | AI score 5.4 | EPSS 0.00241
Exploits: 0 | References: 1

CVE | added 2026/06/08 4:50 p.m. | 20 views

CVE-2026-25856

OpenBullet2 (up to version 0.3.2) contains an authenticated remote code execution vulnerability: authenticated users can create/modify job configurations to execute arbitrary C# code on the server, with access to the file system, process spawning, and arbitrary .NET APIs as the process user. The ...

CVSS 8.8 | AI score 6.6 | EPSS 0.00473
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:49 p.m. | 23 views

CVE-2026-25855

CVE-2026-25855 affects OpenBullet2 up to version 0.3.2. The issue is a remote code execution vulnerability where authenticated users can upload script files (.bat, .ps1, .sh) via the FileProxySource proxy loading feature. The server then executes the uploaded scripts and returns their output as p...

CVSS 8.8 | AI score 6.7 | EPSS 0.0057
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:47 p.m. | 20 views

CVE-2026-39908

OpenBullet2 ≤ v0.3.2 on Windows suffers a credential disclosure via a UNC-path proxy source. When a job loads proxies from an attacker-controlled UNC path, an SMB authentication occurs and reveals the NTLMv2 hash of the process user, enabling relay or offline cracking. Affected component is the p...

CVSS 7.1 | AI score 5.6 | EPSS 0.00314
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:45 p.m. | 16 views

CVE-2026-11534

Technical details about this CVE are not publicly available in the provided documents. Monitor for updates.

CVSS 5.1 | AI score 4 | EPSS 0.00199
Exploits: 0 | References: 6

CVE | added 2026/06/08 4:34 p.m. | 20 views

CVE-2026-43966

CVE-2026-43966 describes an HTTP Response Splitting flaw in the Erlang/cowlib component, where cow_http_struct_hd:escape_string/2 only escapes backslash and quote, allowing CRLF injection into structured HTTP header values. The mismatch between the encoder (allows any byte) and the parser (accepts...

CVSS 6.3 | AI score 5.6 | EPSS 0.00313
Exploits: 0 | References: 4

CVE | added 2026/06/08 4:30 p.m. | 18 views

CVE-2026-11533

The CVE-2026-11533 entry concerns imvks786 student_management_system (up to commit 9599b560ad3c3b83e75d328b76bedcd489ef1f46). A vulnerability in the file /see.php of the Student Deletion Endpoint allows manipulation of the del parameter to bypass authorization, with remote exploitation possible. ...

CVSS 5.5 | AI score 5.1 | EPSS 0.0023
Exploits: 0 | References: 6

CVE | added 2026/06/08 4:17 p.m. | 26 views

CVE-2026-11611

CVE-2026-11611 concerns the Content Synchronization persistent search plugin in 389 Directory Server. The flaw enables denial of service via unbounded memory growth when an authenticated client stops reading sync responses, and there are additional race conditions in the plugin thread lifecycle t...

CVSS 6.5 | AI score 5.4 | EPSS 0.00289
Exploits: 0 | References: 3 | Affected Software: 3

CVE | added 2026/06/08 4:16 p.m. | 23 views

CVE-2026-39910

The CVE-2026-39910 entry concerns STACKIT IaaS API: a missing authorization check lets an authenticated, low-privileged attacker attach arbitrary service accounts to owned virtual machines, escalating to full org compromise. The attacker can use the unvalidated PUT /servers/service-accounts endpo...

CVSS 9.8 | AI score 5.6 | EPSS 0.00302
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:15 p.m. | 20 views

CVE-2026-11532

Summary of CVE-2026-11532: The vulnerability affects the imvks786 “student_management_system” up to commit 9599b560ad3c3b83e75d328b76bedcd489ef1f46 and specifically targets an unknown function in the file /add.php of the “Student Record Handler” component. A manipulation of this function can lea...

CVSS 6.5 | AI score 5 | EPSS 0.0027
Exploits: 0 | References: 6

CVE | added 2026/06/08 4:12 p.m. | 28 views

CVE-2026-41448

CVE-2026-41448 affects AdGuard Home when started with --glinet. The vulnerability stems from unsanitized path construction in the authglinet middleware, enabling an authentication bypass via a crafted path traversal sequence in the Admin-Token cookie/header, yielding unauthenticated full admin ac...

CVSS 9.4 | AI score 5.6 | EPSS 0.00542
Exploits: 0 | References: 2

CVE | added 2026/06/08 4:0 p.m. | 17 views

CVE-2026-11531

The CVE concerns the imvks786 student_management_system (up to commit 9599b560ad3c3b83e75d328b76bedcd489ef1f46) where the admin_login.php endpoint (Administrator Login) is affected. The vulnerability arises from manipulating the arguments a_usr and a_pwd, enabling SQL injection through improperly...

CVSS 7.5 | AI score 5.3 | EPSS 0.00328
Exploits: 0 | References: 6

CVE | added 2026/06/08 3:50 p.m. | 23 views

CVE-2026-46314

The CVE concerns the Linux kernel’s drm/v3d component where v3d_get_extensions() walks a userspace-provided list of ioctl extensions without bound on chain length. A crafted self-referential extension (ext->next == &ext) with zero in_sync_count and out_sync_count can bypass the duplicate-exten...

AI score 5.4 | EPSS 0.00157
Exploits: 0 | References: 4

CVE | added 2026/06/08 3:50 p.m. | 21 views

CVE-2026-46313

The CVE-2026-46313 relates to the Linux kernel’s Intel IPU6 driver (drivers/media/pci/intel/ipu6/ipu6.c). In the error path of ipu6_pci_probe, isp->psys is an error pointer that is dereferenced, indicating a potential crash. The fix sets isp->psys to NULL before exiting the error path (out_...

AI score 5.3 | EPSS 0.00156
Exploits: 0 | References: 4

CVE | added 2026/06/08 3:50 p.m. | 28 views

CVE-2026-46312

The CVE-2026-46312 vulnerability in the Linux kernel concerns media: videobuf2. A fix was applied to vb2_dma_sg_mmap to set VMA flags (VM_DONTEXPAND/VM_DONTDUMP) so that vb2_dma_sg behaves consistently with vb2_dma_contig. This change prevents a WARN_ON in drm_gem_mmap_obj() during mmap() of an i...

AI score 5.4 | EPSS 0.00156
Exploits: 0 | References: 5

CVE | added 2026/06/08 3:50 p.m. | 24 views

CVE-2026-46311

CVE-2026-46311 (Linux kernel) involves the drm/amdgpu/userq path where access to a stale wptr mapping could occur during queue creation. The root cause is improper locking when accessing the mapping data, risking unmapping of wptr_obj while a queue is in progress and another BO is at the same add...

CVSS 7.8 | AI score 5.4 | EPSS 0.00112
Exploits: 0 | References: 2

CVE | added 2026/06/08 3:50 p.m. | 29 views

CVE-2026-46310

The vulnerability CVE-2026-46310 affects Linux kernel media: renesas vsp1, where unloading the gen 4 module could dereference NULL due to cleanup calling vsp1_drm_cleanup() instead of vsp1_vspx_cleanup(). The root cause is an IP version check omission during cleanup, which could trigger a NULL po...

AI score 5.5 | EPSS 0.00154
Exploits: 0 | References: 3

CVE | added 2026/06/08 3:50 p.m. | 22 views

CVE-2026-46309

CVE-2026-46309 concerns the Linux kernel’s DRM-XE UAPI path. The issue arises from missing validation in xe_vm_madvise_ioctl(): it could reject PAT indices with the XE_COH_NONE coherency mode when applied to CPU cached memory. If coh_none is used with CPU cached buffers, the clear operation may s...

AI score 5.4 | EPSS 0.00164
Exploits: 0 | References: 3

CVE | added 2026/06/08 3:46 p.m. | 23 views

CVE-2026-46308

In the Linux kernel, a use-after-free was fixed in mediatek’s scpsys_get_bus_protection_legacy by moving of_node_put(node) after the error check, preventing use of a freed device node when syscon_regmap_lookup_by_phandle() errors. Affected: Linux kernel code path; vulnerability details and risk a...

AI score 5.4 | EPSS 0.00155
Exploits: 0 | References: 3

CVE | added 2026/06/08 3:46 p.m. | 27 views

CVE-2026-46307

CVE-2026-46307 affects the Linux kernel ath5k driver, where a UBSAN-detected array-index-out-of-bounds in ath5k_tasklet_tx can write beyond a 4-entry ieee80211_tx_rate array, potentially overwriting the next info->status field (ack_signal). Root cause: ts_final_idx may be 3, causing an out-of-b...

CVSS 8.3 | AI score 5.4 | EPSS 0.0022
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 32 views

CVE-2026-46306

CVE-2026-46306 — Linux kernel PPPoE PFC flow-dissector fix. The vulnerability affects the Linux kernel flow dissector for PPPoE when handling Protocol Field Compression (PFC) frames. A compressed 1-byte Protocol Field can shift the PPP payload by one byte, causing a 4-byte misalignment in the netw...

CVSS 7.5 | AI score 5.4 | EPSS 0.00389
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 21 views

CVE-2026-46305

The CVE relates to the Linux kernel staging area, specifically rtl8723bs os_dep code in rtw_cbuf_alloc. The bug occurs when kzalloc_flex() allocation fails and the code dereferences the resulting pointer unconditionally, leading to a NULL pointer dereference. The patch adds a guard to the allocat...

AI score 5.4 | EPSS 0.00145
Exploits: 0 | References: 2

CVE | added 2026/06/08 3:46 p.m. | 25 views

CVE-2026-46304

The CVE-2026-46304 entry centers on the Linux kernel nvmet subsystem. The vulnerability stems from nvmet_tcp_release_queue_work() running on the nvmet-wq and possibly dropping the final controller reference through nvmet_cq_put(), which can trigger nvmet_ctrl_free() and flush ctrl->asy...

CVSS 7.5 | AI score 5.4 | EPSS 0.00389
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 27 views

CVE-2026-46303

The CVE-2026-46303 vulnerability affects the Linux kernel isofs Rock Ridge CE handling. rock_continue() could use rs->cont_extent without validating the block number, allowing potential reads of data from an adjacent filesystem via sb_bread() on crafted ISO mounts. The issue was addressed by p...

CVSS 8.2 | AI score 5.6 | EPSS 0.00278
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 27 views

CVE-2026-46302

CVE-2026-46302 affects the Linux kernel, where the /sys/fs/selinux/policy file could be opened multiple times, allowing a process to block others from reading the policy. The patch eliminates the policy_opened flag and tightens the policy mutex critical section, removing some extraneous checks. T...

AI score 5.5 | EPSS 0.00145
Exploits: 0 | References: 2

CVE | added 2026/06/08 3:46 p.m. | 34 views

CVE-2026-46301

The CVE pertains to the Linux kernel SPI driver for topcliff-pch, where use-after-free can occur on unbind due to not flushing the driver queue before releasing DMA buffers. The fix adds a driver unbind sequence that flushes the queue prior to DMA buffer release. No exploitation details are provi...

AI score 5.4 | EPSS 0.00165
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 26 views

CVE-2026-46299

CVE-2026-46299 (Linux kernel) affects the hfsplus filesystem during mount. hfsplus_fill_super() calls hfs_find_init() to initialize a search structure, which grabs tree->tree_lock. If hfsplus_cat_build_key() fails, control jumps to out_put_root without releasing the lock, causing a later clean...

CVSS 7 | AI score 5.5 | EPSS 0.00113
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 22 views

CVE-2026-46298

CVE-2026-46298: In the Linux kernel, a race during ioctl or release handling on pseries/papr-hvpipe could deadlock if an interrupt fires on the same CPU. The fix makes the affected lock usage use spin_lock_irqsave/restore to prevent the deadlock. The issue is resolved by the patch in the cited s...

AI score 5.5 | EPSS 0.00145
Exploits: 0 | References: 2

CVE | added 2026/06/08 3:46 p.m. | 19 views

CVE-2026-46297

CVE-2026-46297 involves a Linux kernel issue in net: libwx where using request_threaded_irq() with a primary handler and a NULL threaded handler together with IRQF_ONESHOT could trigger a warning in __setup_irq due to the commit aef30c8d569c. The vulnerability is resolved by switching to request_...

AI score 5.4 | EPSS 0.00155
Exploits: 0 | References: 3

CVE | added 2026/06/08 3:46 p.m. | 34 views

CVE-2026-46296

In CVE-2026-46296, the Linux kernel’s s3c64xx SPI driver had a NULL-deref risk on driver unbind due to a deallocation that remained after moving DMA channel allocation from probe() back to s3c64xx_spi_prepare_transfer(). The fix removes the corresponding DMA channel release from remove(), prevent...

AI score 5.4 | EPSS 0.00161
Exploits: 0 | References: 6

CVE | added 2026/06/08 3:46 p.m. | 24 views

CVE-2026-46295

In the Linux kernel KVM for x86, CVE-2026-46295 stems from a race between vmx_sync_pir_to_irr() on the target vCPU and __vmx_deliver_posted_interrupt() on a sender vCPU. The sequence of operations (pi_test_and_set_pir, then pi_test_and_set_on) can interleave such that the second sync reports max_...

AI score 5.4 | EPSS 0.00155
Exploits: 0 | References: 3

CVE | added 2026/06/08 3:46 p.m. | 32 views

CVE-2026-46294

Technical details about CVE-2026-46294 are not publicly available in the provided documents. Monitor for updates.

AI score 5.8 | EPSS 0.00195
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 25 views

CVE-2026-46293

In the Linux kernel, the clk: microchip: mpfs-ccc driver fixes an out-of-bounds access during output registration. UBSAN flagged a bound error when registering the last two outputs because the hws array only allocates space for two PLLs and four output dividers, while the defined IDs include two ...

AI score 5.4 | EPSS 0.00173
Exploits: 0 | References: 6

CVE | added 2026/06/08 3:46 p.m. | 26 views

CVE-2026-46292

In the Linux kernel, CVE-2026-46292 concerns the detach procedure for virtual devices in genpd. When a device is attached to a PM domain via genpd_dev_pm_attach_by_id(), genpd enables runtime PM for the virtual device, but genpd_dev_pm_detach() lacks a matching pm_runtime_disable(), potentially l...

AI score 5.5 | EPSS 0.00177
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 25 views

CVE-2026-46291

CVE-2026-46291 concerns the Linux kernel crypto/caam path: hash_digest_key may dump sensitive HMAC key bytes when CONFIG_DYNAMIC_DEBUG is enabled. The fix redirects dumps to print_hex_dump_devel() to prevent leaking secrets at runtime. Affected behavior is that dynamic debugging could reveal HMAC...

AI score 5.4 | EPSS 0.00177
Exploits: 0 | References: 8

CVE | added 2026/06/08 3:46 p.m. | 19 views

CVE-2026-46290

The CVE describes a Linux kernel issue in x86/efi: after FPU-related softirq changes, kernel_fpu_begin() uses fpregs_lock() with local_bh_disable(), setting SOFTIRQ_OFFSET during EFI runtime calls. This makes in_interrupt() return true in normal task context, causing efi_crash_gracefully_on_page_...

AI score 5.4 | EPSS 0.00166
Exploits: 0 | References: 3

CVE | added 2026/06/08 3:46 p.m. | 30 views

CVE-2026-46289

In the Linux kernel, CVE-2026-46289 concerns bugs in lib/scatterlist during extract_kvec_to_sg when transferring data from a kvec to a sglist. The main issues: (1) the computed length for a sglist entry can exceed the page size, causing overread; (2) while extracting a user buffer, the sglist can...

CVSS 9.8 | AI score 5.4 | EPSS 0.00457
Exploits: 0 | References: 5

CVE | added 2026/06/08 3:45 p.m. | 12 views

CVE-2026-11530

Technical details about CVE-2026-11530 are not publicly available in the provided documents. Monitor for updates.

CVSS 7.5 | AI score 5.4 | EPSS 0.00328
Exploits: 0 | References: 6

Total number of security vulnerabilities: 366532