
175519 matches found

Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45937

BREAKING: Samsung discloses critical CVE-2026-23786 and CVE-2024-53922 in semiconductor products, enabling potential unauthorized access with patches pending. https://t.co/As20ekaylO...

AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-45946

A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue arises because the trust_remote_code parameter, intended to prevent remote code execution, ...

CVSS 8 · AI score 7.9 · EPSS 0.00082
Exploits 1 · References 4
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-45929

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

CVSS 5.9 · AI score 5.8 · EPSS 0.00015
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 12 views

PT-2026-45942

ProjectsAndPrograms school-management-system is vulnerable to Stored Cross-Site Scripting (XSS) in multiple attributes of students and teachers objects. An authorized attacker (e.g., a teacher or administrator) can inject malicious JavaScript that is subsequently executed in other users' browsers...

CVSS 5.1 · AI score 6.1 · EPSS 0.00168
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-45940

daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both values to 0 (unlimited), an unauthenticated remote attacker could send arbitrarily large WebSocket messages or frames, causing excessive memory...

CVSS 5.3 · AI score 5.8 · EPSS 0.00096
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-45930

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in the Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

CVSS 4.1 · AI score 5.8 · EPSS 0.00057
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 11 views

PT-2026-45935

Name of the Vulnerable Software and Affected Versions: lwext4 version 1.0.0. Description: An out-of-bounds read exists in the ext4_ext_binsearch_idx function within the src/ext4_extent.c file. This occurs because extent header fields are not sufficiently validated before a binary search is performed...

CVSS 6.5 · AI score 5.4 · EPSS 0.00035
Exploits 1 · References 6
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-45943

ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user's date of birth (e.g., 12072000 for 12 July 2000). The application does not require or prompt users to change the password upon first login. This behavior...

CVSS 6.9 · AI score 5.8 · EPSS 0.00054
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45959

GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payload in the asset locked tab. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

CVSS 8.4 · AI score 5.8 · EPSS 0.00057
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-45960

GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch...

CVSS 7 · AI score 5.8 · EPSS 0.00047
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-45954

RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile...

AI score 5.8 · EPSS 0.00042
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45961

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the allow_origin_pat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This...

CVSS 6.1 · AI score 6.6 · EPSS 0.00024
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 5 views

PT-2026-45953

An OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas up to commit 9f50579 allows attackers to execute arbitrary commands via a crafted POST request...

CVSS 9.8 · AI score 6 · EPSS 0.00361
Exploits 0 · References 6
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-45951

Name of the Vulnerable Software and Affected Versions: Python (affected versions not specified). Description: The unicodedata.normalize function can consume excessive CPU time when processing specially crafted Unicode input. This occurs when the input contains long sequences of combining characters wi...

CVSS 6.3 · AI score 5.4 · EPSS 0.00065
Exploits 0 · References 16
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45958

GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary files inside the GLPI_DOC_DIR. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

CVSS 5.9 · AI score 5.9 · EPSS 0.00047
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45952

Name of the Vulnerable Software and Affected Versions: CactusViewer version 2.3.0. Description: A DLL hijacking issue in CactusViewer allows attackers to escalate privileges and execute arbitrary code by using a crafted DLL. DLL hijacking is a technique where an application is tricked into loading a...

CVSS 7.8 · AI score 5.9 · EPSS 0.00015
Exploits 0 · References 6
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45950

Name of the Vulnerable Software and Affected Versions: backpack/crud versions prior to 5.0.13; backpack/crud versions prior to 4.1.69; backpack/crud versions prior to 4.0.63. Description: Reflected Cross-Site Scripting (XSS) occurs because error views output the exception message without escaping it. An...

CVSS 5.1 · AI score 5.8 · EPSS 0.00062
Exploits 0 · References 7
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-45993

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 is vulnerable to an HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...

CVSS 6.5 · AI score 5.8 · EPSS 0.00019
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 12 views

PT-2026-46001

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...

CVSS 4.3 · AI score 5.9 · EPSS 0.00015
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-45995

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the rate limiting applied to the login endpoint (code=7). An attacker on the adjacent network can attempt unlimited passwords without...

CVSS 8.8 · AI score 5.8 · EPSS 0.00019
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46002

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

CVSS 4.3 · AI score 5.9 · EPSS 0.00016
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-45996

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP (192.168.1.1) or localhost (127.0.0.1) as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the...

CVSS 8.8 · AI score 5.8 · EPSS 0.00019
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 5 views

PT-2026-46005

Name of the Vulnerable Software and Affected Versions: Kimi AI version 1.0. Description: A Cross Site Scripting issue exists in the 'Preview' feature of the web interface. The application does not properly sanitize or encode HTML or JavaScript payloads produced by the AI model. When a user accesses...

CVSS 6.3 · AI score 6.1 · EPSS 0.00045
Exploits 0 · References 4
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-45994

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

CVSS 7.1 · AI score 5.8 · EPSS 0.00013
Exploits 0 · References 2
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-46052

Name of the Vulnerable Software and Affected Versions: Securly Chrome Extension version 3.0.7. Description: The software uses the EVP_BytesToKey key derivation function with MD5 and a single iteration for AES encryption. MD5 is a cryptographic hash function that is no longer secure, and the use of a...

AI score 5.8 · EPSS 0.0001
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-46053

Name of the Vulnerable Software and Affected Versions: Securly Chrome Extension version 3.0.7. Description: The software downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions using the new RegExp function without complexity validation. An on-path...

CVSS 7.5 · AI score 5.8 · EPSS 0.00054
Exploits 0 · References 4
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-46048

Name of the Vulnerable Software and Affected Versions: Securly Chrome Extension version 3.0.7. Description: The extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP using the Fetch API. This represents an inconsistent implementation of Transport...

AI score 5.8 · EPSS 0.00006
Exploits 0 · References 4
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-46050

Name of the Vulnerable Software and Affected Versions: Securly Chrome Extension version 3.0.7. Description: Multiple publicly accessible endpoints allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes, a cryptographic hash function that produces a 160-bit...

AI score 5.8 · EPSS 0.00017
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46046

Name of the Vulnerable Software and Affected Versions: OP-TEE versions 4.3.0 through 4.10.x. Description: A type confusion occurs in OP-TEE OS when processing an 'FFA_MEM_SHARE' request from the normal world. This issue specifically affects configurations where OP-TEE is set as a Secure Partition...

CVSS 5.5 · AI score 5.8 · EPSS 0.00012
Exploits 1 · References 4
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46049

Name of the Vulnerable Software and Affected Versions: Securly Chrome Extension version 3.0.7. Description: The software contains hardcoded, plaintext AES passphrases within the securly.min.js file. These passphrases are used to decrypt intervention site data and crisis alert keyword data...

CVSS 7.3 · AI score 5.7 · EPSS 0.00047
Exploits 0 · References 6
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46044

Name of the Vulnerable Software and Affected Versions: ERPNext version 16.16.0. Description: An authenticated user can persist arbitrary HTML or JavaScript within the email_id or mobile_no fields of a Customer record. This leads to unescaped rendering in the Point of Sale (POS) interface for any...

CVSS 5.1 · AI score 5.9 · EPSS 0.00052
Exploits 0 · References 5
Positive Technologies
added 2026/06/03 12:00 a.m. · 10 views

PT-2026-46021

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle_create. In linehandle_create, there is a statement like this: retain_and_null_ptr(lh); Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the...

AI score 5.8 · EPSS 0.00014
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46029

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the handling of RAW sockets using the IPPROTO_RAW protocol. A malicious incoming ICMP packet can have its protocol field set to 255, allowing it to match a socket...

AI score 5.8 · EPSS 0.00078
Exploits 0 · References 9
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-46027

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the DRM/XE sysfs initialization where a failure in devm_add_action_or_reset causes a cleanup action to run immediately on a kobject that has not yet been initialized...

CVSS 8.8 · AI score 5.6 · EPSS 0.00015
Exploits 0 · References 7
Positive Technologies
added 2026/06/03 12:00 a.m. · 10 views

PT-2026-46035

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition exists in the Coresight TMC-ETR component of the Linux kernel when sysfs and perf modes are operated simultaneously. The issue occurs because the enablement of sysfs mod...

AI score 6 · EPSS 0.00012
Exploits 0 · References 7
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-46033

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue exists in the rt9455 power supply driver. The problem occurs because the interrupt request (IRQ) is requested before the power supply handle is allocated and...

AI score 5.8 · EPSS 0.00016
Exploits 0 · References 13
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-46022

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the procfs component of the Linux kernel within the do_task_stat function. When reading the '/proc/pid/stat' endpoint, the system accesses the real_parent variable witho...

CVSS 7.8 · AI score 5.2 · EPSS 0.00013
Exploits 0 · References 20
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46031

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the PCI/P2PDMA component where the p2pmem_alloc_mmap function triggers a warning condition when CONFIG_DEBUG_VM is enabled. This occurs because the function uses an...

AI score 5.8 · EPSS 0.00013
Exploits 0 · References 6
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-46028

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the RDMA/hns component where a reset triggered while using sunrpc can lead to a WQ_MEM_RECLAIM warning. This occurs because the hns_roce_irq_workq workqueue lacks the ...

AI score 5.8 · EPSS 0.0007
Exploits 0 · References 10
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46020

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where the SP804 is not registered as the sched_clock. On SP804, the delay timer shares the same clkevt instance with sched_clock. O...

AI score 5.8 · EPSS 0.00014
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-46025

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A deadlock occurs in the ASoC fsl_xcvr component due to an improper locking mechanism in the fsl_xcvr_mode_put function. The issue arises when the function attempts to acquire the...

CVSS 5.5 · AI score 5.4 · EPSS 0.00012
Exploits 0 · References 11
Positive Technologies
added 2026/06/03 12:00 a.m. · 10 views

PT-2026-45988

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings (affected versions not specified). Description: Insufficient validation of user input in the web-based user interface allows an unauthenticated remote attacker to conduct a cross-site scripting (XSS) attack. An attacker could...

CVSS 6.1 · AI score 6 · EPSS 0.00022
Exploits 0 · References 6
Positive Technologies
added 2026/06/03 12:00 a.m. · 10 views

PT-2026-45990

Name of the Vulnerable Software and Affected Versions: Mercusys AC12G EU V1 version AC12GEU V1 200909. Description: The UPnP GetStatusInfo action discloses kernel memory layout. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, which reveals the kernel...

CVSS 4.3 · AI score 5.5 · EPSS 0.00016
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 9 views

PT-2026-46030

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A Use-After-Free (UAF) condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc_shdlc_deinit purges SHDLC skb queues and frees the llc_shdlc structure while...

AI score 5.8 · EPSS 0.00013
Exploits 0 · References 10
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-46018

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the dmaengine fsl-edma component where clocks in fsl_edma_engine::muxclk are allocated and enabled using devm_clk_get_enabled. This function automatically manages...

CVSS 5.5 · AI score 5.1 · EPSS 0.00013
Exploits 0 · References 15
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-46009

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue exists in the pm8916_lbc supply driver. The problem occurs because the interrupt request (IRQ) is requested before the extcon handle is allocated using devm variants...

CVSS 7.8 · AI score 5.8 · EPSS 0.00013
Exploits 0 · References 8
Positive Technologies
added 2026/06/03 12:00 a.m. · 8 views

PT-2026-46015

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A locking issue exists in the regulator core within the regulator_resolve_supply function. When the late enabling of a supply regulator fails, the system triggers a lockdep warning becau...

CVSS 5.5 · AI score 5.2 · EPSS 0.00013
Exploits 0 · References 13
Positive Technologies
added 2026/06/03 12:00 a.m. · 7 views

PT-2026-45991

Name of the Vulnerable Software and Affected Versions: Mercusys AC12G EU V1 version AC12GEU V1 200909. Description: The device exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. Universal Plug and Play (UPnP), a protocol that allow...

CVSS 8.1 · AI score 5.6 · EPSS 0.0002
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 6 views

PT-2026-45983

Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packet...

CVSS 7.1 · AI score 5.8 · EPSS 0.00028
Exploits 0 · References 3
Positive Technologies
added 2026/06/03 12:00 a.m. · 10 views

PT-2026-46014

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the btrfs file system where the block group tree dirty list can become corrupted. When the EXTENT_TREE_V2 incompat flag is set, the block group tree is unconditionally...

AI score 5.8 · EPSS 0.00016
Exploits 0 · References 8

Total number of security vulnerabilities: 175519