CVE-2026-10230

A flaw was found in Assimp, specifically within the Half-Life 1 MDL Loader component. A local attacker could exploit a heap-based buffer overflow vulnerability in the readanimations function of HL1MDLLoader.cpp. This could lead to information disclosure, denial of service, or potentially arbitrar...

CVE-2026-47761

TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability in the media plugin. Attackers can inject malicious scripts via crafted data-mce- attributes, which are executed when content is rendered. Impacts users of TinyMCE with the media...

CVE-2026-47760

TinyMCE is an open source rich text editor. From 6.8.0 to before 7.1.0, TinyMCE contains an XSS vulnerability caused by improper SVG namespace scope handling in the sanitizer. A crafted payload using nested elements can bypass attribute sanitization and execute arbitrary JavaScript. This...

CVE-2026-47759

TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via unsanitized data-mce- attributes data-mce-href, data-mce-src, data-mce-style. Allows attackers to inject malicious values that override safe attributes during serialization,...

CVE-2026-10201

A flaw was found in Assimp. A local user can perform a manipulation within the FBXExporter::WriteObjects function, leading to a divide-by-zero error. This vulnerability can cause a Denial of Service DoS, making the application unavailable. Mitigation Mitigation for this issue is either not...

CVE-2026-46243

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

CVE-2026-10180

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

CVE-2026-10174

A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-commit-verify leads to protection mechanism failure. The attack may be launched remotely. The exploit ...

CVE-2026-10168

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...

CVE-2026-10156

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

CVE-2026-10153

A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. This manipulation of the argument s causes cross site scripting. Remote exploitation of the attack i...

CVE-2026-10177

A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file apidocs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has...

CVE-2026-9831

A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE /IAM-issued API key to receive response data for another tenant. The issu...

CVE-2026-8382

The Advanced Custom Fields ACF® plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to overwrit...

CVE-2026-10171

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

CVE-2026-10116

A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogssbixactadd in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint. Performing a manipulation results in denial of service. The attack may be initiated remotely. The...

CVE-2026-5071

The SocketCAN implementation validates the length of a user-provided buffer containing a socketcanframe object using only a NETASSERT statement in zcansendtoctx before dereferencing it in socketcantocanframe. In production builds where assertions are disabled, a userspace application that control...

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

CVE-2026-44287

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import with the regex /\bimport\s\/.testcode. JavaScript syntax accepts a block comment between import and ; the regex matches only ASCII...

CVE-2026-10110

A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and m...

CVE-2026-10186

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...

CVE-2026-9757

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

CVE-2026-7459

The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated Subscriber+ account takeover in all versions up to, and including, 5.26.0 via the event reaction endpoints reacttoevent / unreacttoevent. The endpoints register getitemspermissionschec...

CVE-2026-10189

A vulnerability has been found in Tenda W12 3.0.0.74763. This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

CVE-2026-10183

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and mig...

CVE-2026-10192

A vulnerability was identified in Tenda W12 3.0.0.74763. The affected element is the function setlocaltime0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2026-10162

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2026-7465

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server...

CVE-2026-10159

A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument currentpage causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been mad...

CVE-2026-10126

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely. The exploit has...

CVE-2026-10165

A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be...

CVE-2026-35630

OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval buttons that fails to enforce configured approver identity. Non-approver users can click approval buttons to resolve pending exec or plugin approval requests without proper authorization...

CVE-2026-10108

xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/filepath:path endpoint that allows unauthenticated attackers to read arbitrary files outside the intended music directory by exploiting an incomplete path prefix check. Attackers can request files from...

CVE-2026-10123

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blockeddomain/permitteddomain/blockeddomainlist/permitteddomainlist results in stack-based buffer overflow. It...

CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

CVE-2026-46242

A flaw was found in the Linux kernel's eventpoll mechanism. A Use-After-Free UAF vulnerability, where the system attempts to access memory after it has been freed, can occur during the removal of a file. A local attacker could exploit this race condition to corrupt memory, potentially leading to...

CVE-2026-9759

A flaw was found in the ROHC dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation If the ROHC protocol dissector is not being used, it can be disabled via the...

CVE-2026-45803

A flaw was found in GitHub CLI. A remote attacker who can influence GitHub Actions workflow log output could inject terminal escape sequences into workflow logs. When a user views these logs using gh run view --log or gh run view --log-failed, the injected sequences may be replayed by the user's...

CVE-2026-46344

A flaw was found in liboqs, a C-language cryptographic library. An out-of-bounds read vulnerability exists in the XMSS and XMSS^MT stateful signature verification code. A remote attacker could exploit this by providing a specially crafted public key that causes the verification function to read...

CVE-2026-45352

A flaw was found in cpp-httplib, a C++ HTTP/HTTPS library. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP request that includes a negative chunk-size in the chunked Transfer-Encoding. This incorrect parsing leads to unbounded memory allocation, causing the...

CVE-2026-44518

A flaw was found in liboqs, a C-language cryptographic library. An out-of-bounds read vulnerability exists in the XMSS and XMSS^MT stateful signature verification code. A remote attacker could exploit this by providing a malformed signature that is shorter than expected. This could lead to a deni...

CVE-2026-23557

A flaw was found in xenstored, a component of Xen. Any guest operating system can cause xenstored to crash by issuing an XSRESETWATCHES command within a transaction, leading to a denial of service DoS. This occurs due to an assertion assert triggering, which can halt the xenstored process...

CVE-2026-23558

A flaw was found in Xen. A race condition exists when a Hardware Virtual Machine HVM or Para-Virtualization Hybrid PVH guest changes its grant table version from v2 to v1 while simultaneously mapping status pages. This can lead to some status pages being freed while still mapped in the guest's...

CVE-2026-46527

A flaw was found in cpp-httplib, a C++ HTTP/HTTPS library. When a server using cpp-httplib has configured trusted proxies, a remote attacker can send a specially crafted HTTP request with a malformed X-Forwarded-For header. This can lead to undefined behavior, resulting in abnormal process...

CVE-2026-41163

A flaw was found in bubblewrap when operating in setuid mode. A local user may use ptrace to interfere with the sandbox setup process and gain access to privileged operations that are normally restricted. This could allow an attacker to bypass intended sandboxing restrictions and potentially...

CVE-2026-45372

A flaw was found in cpp-httplib, a C++ library for handling web requests. A remote attacker could exploit this vulnerability by sending a specially crafted web request. The server incorrectly processes certain encoded characters within the request's header information before checking their...

CVE-2026-9956

An use after free flaw was found in the iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504195132...

CVE-2026-9971

An inappropriate implementation flaw was found in the iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=508448586...

CVE-2026-9955

An inappropriate implementation flaw was found in the iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504184408...