366493 matches found
CVE-2025-66279
CVE-2025-66279 is a command-injection vulnerability affecting several QNAP OS versions. The issue allows an attacker who already has an administrator account to execute arbitrary commands remotely. Affected products/versions include QTS 5.2.9.3410 build 20260214 and later; QuTS hero h5.2.9.3410 b...
CVE-2025-66273
CVE-2025-66273 is a command-injection vulnerability affecting several QNAP OS versions. If an attacker gains an administrator account, they can execute arbitrary commands. Fixed in QTS 5.2.9.3410 build 20260214 and later, QuTS hero h5.2.9.3410 build 20260214 and later, QuTS hero h5.3.4.3500 build...
CVE-2025-62851
The issue is CVE-2025-62851 affecting License Center. A path traversal vulnerability exists when an attacker who already has an administrator account can read contents of unexpected files or system data. The vulnerability details indicate exploitation requires administrator privileges and does no...
CVE-2025-62850
CVE-2025-62850 is a NULL pointer dereference affecting multiple QNAP QuTS Hero OS versions. According to the sources, an attacker who gains an administrator account can trigger a DoS via a network-based exploit. Affected fixed versions are: QuTS hero h5.2.9.3410 build 20260214 and later; h5.3.4.3...
CVE-2026-44941
Technical details for CVE-2026-44941 are not publicly available in the provided documents. No affected products, vectors, or fixes are specified. Monitor for future updates.
CVE-2026-48785
Technical details for CVE-2026-48785 are not publicly available in the provided documents. Monitor for updates.
CVE-2025-58468
CVE-2025-58468—Notification Center describes a cross-site request forgery (CSRF) vulnerability that could allow remote attackers to gain privileges or hijack user identities. The advisory states the issue is fixed in Notification Center version 1.10.0.3291 and later. From the connected records, n...
CVE-2025-59382
CVE-2025-59382 affects QTS, QuTS hero, QuTScloud and QVP (QVR Pro appliances). The connected documents state these products are not affected by the vulnerability, and that the vulnerability has been fixed in a following version. No exploit details, affected subcomponents, or specific versions are...
CVE-2025-66276
CVE-2025-66276 (QTS) is not an active vulnerability for QuTS hero. The CVE entry states QuTS hero is not affected and a fix is available in QTS 5.2.7.3256 build 20250913 and later. According to the provided metrics, CVSS 4.0 base score is 9.2 (CRITICAL) with network attack vector, low attack comp...
CVE-2026-46532
CVE-2026-46532 describes a heap/out-of-bounds read in Espressif’s ESF-IDF (IoT Development Framework) due to the BlueDroid AVRCP vendor-command parser (avrc_pars_vendor_cmd) in bluedroid. Affected versions are 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0. The issue has been patched in 5.2.7, 5.3.6, 5.4.5,...
CVE-2026-45542
ESF-IDF (Espressif IoT Development Framework) versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 suffer a heap buffer overflow in protocomm Security Scheme 2 (SRP6a) during session setup. The handle_session_command0() path copies a client-provided SRP6a username field into a smaller destination buffer,...
CVE-2026-45329
ESF-IDF (Espressif IoT Development Framework) contains a vulnerability in ESP-TEE secure-service wrappers (esp_secure_services.c and esp_secure_services_iram.c) affecting versions 5.5.4 and 6.0. Several caller-supplied pointer arguments were not fully validated, allowing inputs to reference TEE-e...
CVE-2026-45328
The CVE concerns ESF-IDF’s ESP-IDF esp_tee component. In versions 5.5.4 and 6.0, the secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c bridge calls from the REE to TEE-protected peripherals (AES, SHA, ECC, HMAC, SPI, MMU, WDT) and security features (attestation, OTA,...
CVE-2026-45160
ESF-IDF’s ESP-IDF lwIP DHCP server option parser (parse_options in dhcpserver.c) has an out-of-bounds read in the BOOTP/DHCP options parsing. In affected releases 5.2.7, 5.3.5, 5.4.4, 5.5.4 and 6.0.1, a crafted DHCP request can cause reads past the end of the options buffer into adjacent heap mem...
CVE-2026-45541
The CVE describes a NULL-pointer dereference in the WebSocket subprotocol-negotiation path of the esp_http_server component in ESF-IDF. During the WebSocket handshake, parsing the clientS WebSocket Protocol header may dereference a NULL tokenisation result, causing a crash before any application...
CVE-2026-11915
The connected data indicate DRUPAL-CONTRIB-2026-047 and PT-2026-48595 refer to a Drupal contrib project that is marked as unsupported, with a known security issue that has not been fixed by the maintainer. No specific affected product/version or CVE details are provided in these documents, and no...
CVE-2026-11909
Technical details for CVE-2026-11909 are not publicly available in the provided documents; no affected products, impact, or fixes are disclosed. Monitor for updates and forthcoming disclosures.
CVE-2026-11908
CVE-2026-11908 is associated with a Drupal Contrib module that uses the Tagify JavaScript library. The issue: improper sanitisation of parent taxonomy term names in the Tagify dropdown , leading to a cross-site scripting (XSS) risk. Exploitation requires a user role with permission to create or e...
CVE-2026-1052
Technical details for CVE-2026-1052 are not publicly available in the provided documents. Monitor for updates from the connected PT-SECURITY entry and any new references.
CVE-2026-11913
Technical details for CVE-2026-11913 are not publicly available in the provided documents. The entry remains reserved; no exploited information or affected products are disclosed here. Monitor for updates as new details are published.
CVE-2026-11914
Technical details for CVE-2026-11914 are not publicly available in the provided documents. Connected records discuss Drupal Composer module issues unrelated to this CVE. Monitor for updates.
CVE-2026-53698
CVE-2026-53698 affects Silverpeas up to version 6.4.6, where the Personal space feature is mishandled when no componentId is set. The issue is described as a misbehavior in handling Personal space, with a CVSS v3.1 base score of 6.5 (Network attack vector, Low attack complexity, Privileges Requir...
CVE-2026-44634
The CVE-2026-44634 affects SimpleBLE prior to version 0.14.0, with multiple stack-based buffer overflow flaws. One in the dongl backend’s Protocol::simpleble_write (local, caller-controlled input); two related to processing BLE advertisement data (manufacturer-specific and service data) that can ...
CVE-2026-46546
Summary: CVE-2026-46546 affects Frappe LMS. Before v2.53.0, an authenticated user could insert crafted content in certain user-editable fields, which—when surfaced in page metadata—caused visitors’ browsers to navigate to an attacker-chosen URL. The issue has been patched in v2.53.0. Impact (as s...
CVE-2026-47838
Spring Security CVE-2026-47838 involves the SubjectDnX509PrincipalExtractor and malformed X.509 CN values, causing the extracted username to be read incorrectly and potentially allowing an attacker to impersonate another user. Affected versions include Spring Security 5.7.0–5.7.24; 5.8.0–5.8.26; ...
CVE-2026-41837
CVE-2026-41837 impacts Spring Data REST where the Querydsl integration accepts arbitrary persistent property paths as request-parameter filter keys and does not apply Jackson customizations before passing them to Querydsl. Affected versions include Spring Data REST 3.7.0–3.7.19; 4.3.0–4.3.16; 4.4...
CVE-2026-41732
CVE-2026-41732 affects Spring for Apache Pulsar due to JsonPulsarHeaderMapper using a prefix-based check on trusted packages, causing trust to cascade to subpackages. An empty trusted-packages config can default to trusting all packages. This exposes potential deserialization risk by allowing acc...
CVE-2026-41731
Spring for Apache Kafka vulnerable due to overly broad trusted-package matching in JsonKafkaHeaderMapper and deprecated DefaultKafkaHeaderMapper: they compare type headers against trusted packages with a prefix check, causing any trusted package to implicitly trust all subpackages. When combined ...
CVE-2026-41730
Spring Data REST is the affected component. The CVE describes that it serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence‑layer internals to HTTP clients. Affected versions include Spring Data REST 3.7.0–3.7.19; 4.3.0–4.3.16; 4.4.0–4.4.14; 4...
CVE-2026-41729
CVE-2026-41729 : Spring Data REST is vulnerable to SpEL expression injection via map-typed properties when processing JSON Patch (application/json-patch+json) requests. When a persistent entity exposes a Map-typed property, the JSON Pointer path segment used as the map key is embedded directly in...
CVE-2026-41728
Spring Data REST is affected by CVE-2026-41728 due to its JSON Patch (application/json-patch+json) handling not applying the write-access filter to intermediate path segments when resolving multi-segment JSON Pointers. Affected versions include Spring Data REST 3.7.0–3.7.19; 4.3.0–4.3.16; 4.4.0–4...
CVE-2026-41727
Summary: Spring for Apache Kafka’s retry topic infrastructure does not adequately validate user-controlled header values, allowing a crafted retry_topic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify a message’s position in the retry sequen...
CVE-2026-41726
In Spring for Apache Kafka, CVE-2026-41726 arises when an application uses the DelegatingDeserializer and an attacker can send records with unique, random spring.kafka.serialization.selector header values. This can cause the consumer’s heap to grow without bound, leading to garbage-collection thr...
CVE-2026-41721
Spring Data Commons vulnerability (CVE-2026-41721) can cause a Denial of Service when Spring Data Web Support is enabled and a controller uses @ProjectedPayload; a specially crafted HTTP request may cause excessive memory allocation. Affected versions include Spring Data Commons 4.0.0–4.0.5; 3.5....
CVE-2026-41719
Technical details about CVE-2026-41719 are not publicly available in the provided documents. Monitor for updates from official advisories; no specifics on affected products, vectors, or fixes are provided here.
CVE-2026-41717
Spring Data MongoDB contains a SpEL expression injection vulnerability in parameter binding for user-defined repository queries annotated with @Query using a capture-all placeholder. Affected versions include 5.0.0–5.0.5; 4.5.0–4.5.11; 4.4.0–4.4.14; 4.3.0–4.3.16; 4.2.0–4.2.15; 4.1.0–4.1.14; 4.0.0...
CVE-2026-41716
CVE-2026-41716 affects Spring Data Commons (versions 2.7.0–2.7.19; 3.3.0–3.3.16; 3.4.0–3.4.14; 3.5.0–3.5.11; 4.0.0–4.0.5). The issue is in Spring Data’s internal property-lookup cache, which accepts and permanently retains attacker-supplied strings as cache keys, enabling heap exhaustion through ...
CVE-2026-41714
Spring AMQP 2.4.x/3.1.x/3.2.x/4.0.x (versions 2.4.0–2.4.17, 3.1.0–3.1.15, 3.2.0–3.2.10, 4.0.0–4.0.3) are affected by CVE-2026-41714. The issue occurs when a broker connection is configured via RabbitConnectionFactoryBean.setUri("amqps://...") without calling setUseSSL(true). This leads to TLS enc...
CVE-2026-41711
Summary: CVE-2026-41711 affects Spring Data Commons and can cause a Denial of Service via a StackOverflowException when parsing Sort parameters. Affected versions include 4.0.0–4.0.5; 3.5.0–3.5.11; 3.4.0–3.4.14; 3.3.0–3.3.16; 3.2.0–3.2.15; 3.1.0–3.1.14; 3.0.0–3.0.15; 2.7.0–2.7.19. The provided do...
CVE-2026-41706
Spring Security: CookieRequestCache and CookieServerRequestCache store the full absolute pre-authentication URL in a browser cookie and use it as the post-login redirect target without validation. Affected versions include Spring Security 5.7.0–5.7.23; 5.8.0–5.8.25; 6.3.0–6.3.16; 6.4.0–6.4.16; 6....
CVE-2026-41701
CVE-2026-41701 affects Spring AMQP (RabbitTemplate) where correlation IDs for replies on fixed reply queues are generated by an internal simple counter, making them predictable. This data from NVD/CVE listings confirms the issue affects multiple versions (2.4.0–2.4.17, 3.1.0–3.1.15, 3.2.0–3.2.10,...
CVE-2026-46545
Summary: CVE-2026-46545 affects the Nimiq core-rs-albatross project (MerkleRadixTrie::put_chunk) and causes a remote, unauthenticated denial-of-service by a malicious state-sync peer sending a ROOT-keyed item in a ResponseChunk; upon put_raw attempting to store at the root, it panics with RootCan...
CVE-2026-41697
CVE-2026-41697 affects Spring Data Relational/JDBC/R2DBC across multiple versions (4.0.0–4.0.5; 3.5.0–3.5.11; 3.4.0–3.4.14; 3.3.0–3.3.16; 3.2.0–3.2.15; 3.1.0–3.1.14; 3.0.0–3.0.15; 2.4.0–2.4.19). The root cause is improper escaping of binding values for StringMatcher (STARTING, ENDING, CONTAINING)...
CVE-2026-41696
Spring Data MongoDB CVE-2026-41696 affects multiple versions (5.0.0–5.0.5; 4.5.0–4.5.11; 4.4.0–4.4.14; 4.3.0–4.3.16; 4.2.0–4.2.15; 4.1.0–4.1.14; 4.0.0–4.0.15; 3.4.0–3.4.19). The issue is insufficient validation of bound parameters in repository query methods annotated with @Query that use regex b...
CVE-2026-41695
Spring Data Commons contains a Denial of Service risk (CVE-2026-41695) caused by resource exhaustion during property path resolution in MappingContext. Affected versions are Spring Data Commons 4.0.0–4.0.5; 3.5.0–3.5.11; 3.4.0–3.4.14. The provided documents describe the issue and affected release...
CVE-2026-46543
CVE-2026-46543 (Nimiq blockchain) affects the Rust implementation
CVE-2026-41694
Summary: CVE-2026-41694 affects Spring Security SAML, where SAML Responses and parts of LogoutRequests/LogoutResponses are decrypted without requiring a valid signature. This enables an attacker to craft SAML payloads and use the Service Provider as a decryption oracle. Affected versions (per sou...
CVE-2026-41008
CVE-2026-41008 affects Spring Security and Spring Authorization Server. The vulnerability arises from insufficient validation of the request_uri parameter at the authorization endpoint, allowing an attacker to craft a malicious authorization request with an invalid request_uri and an unvalidated ...
CVE-2026-41003
CVE-2026-41003 affects Spring Security; an attacker who can influence values in RelyingPartyRegistration may be able to execute arbitrary code on HTML forms generated by Spring Security filters. Affected versions include Spring Security 5.7.0–5.7.23, 5.8.0–5.8.25, 6.3.0–6.3.16, 6.4.0–6.4.16, 6.5....
CVE-2026-40993
The CVE-2026-40993 issue affects Spring Security 7.0.0–7.0.5. Affected component: JdbcAssertingPartyMetadataRepository (table saml2_asserting_party_metadata). Root cause: unfiltered Java native deserialization of the BLOBs in verification_credentials and encryption_credentials. Impact: an attacke...