CVE-2026-46231

A flaw was found in the Linux kernel's batman-adv Better Approach To Mobile Ad-hoc Networking - Advanced Basic Link Arbitration BLA module. When the batadvblaaddclaim function fails to insert a new claim into the hash, it leaks a reference to the backbonegw object. This resource leak can accumula...

CVE-2026-46233

A flaw was found in the Linux kernel's batman-adv module. This vulnerability allows a local attacker to trigger a NULL-pointer dereference within the batadvblapurgeclaims function. This issue arises from a timing conflict when a claim is being released simultaneously, causing a critical pointer t...

CVE-2026-46230

A flaw was found in the Linux kernel's drm/amdgpu/vcn3 component. This vulnerability, an Out-of-Bounds OOB read, occurs when parsing decoder messages without proper boundary checks. A local attacker could potentially exploit this to read sensitive information from memory or cause system...

CVE-2026-46237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10...

CVE-2026-46236

A flaw was found in the Linux kernel's media: rc: xboxremote driver. This vulnerability arises from incorrect handling of Direct Memory Access DMA buffers, where the buffer for I/O operations is improperly part of the device structure. This violation of DMA coherency rules could lead to data...

CVE-2026-46235

A flaw was found in the saa7164 media driver in the Linux kernel. This vulnerability occurs due to missing return value checks for ioremap calls within the saa7164devsetup function. If ioremap fails for BAR0 or BAR2, it can lead to null pointer dereferences and improper cleanup of PCI memory...

CVE-2026-46241

A flaw was found in the Linux kernel's spi: mpc52xx component. This use-after-free vulnerability occurs when the controller registration fails. An attacker could potentially exploit this flaw to cause a system crash or lead to a resource leak, impacting system stability and availability...

CVE-2026-46240

A flaw was found in the Linux kernel, specifically within the media: iris driver. This vulnerability, a use-after-free, occurs when a buffer is prematurely freed by sessionreleasebuf while irisreleaseinternalbuffers continues to access it. This improper handling of memory can lead to system...

CVE-2025-71305

A flaw was found in the Linux kernel's DisplayPort Multi-Stream Transport MST subsystem. When a DisplayPort 2.1 monitor is disconnected, a timing issue can cause the Virtual Channel Packet Interval VCPI value to become zero. Subsequent operations attempting to use this zero value in a bit shift c...

CVE-2026-46015

A flaw was found in the Linux kernel's TCP networking subsystem. When an established network connection is migrated between listener sockets within the same SOREUSEPORT group, applications waiting for new connections may not be properly notified. This can cause poll, epollwait, and blocking accep...

CVE-2026-46012

A flaw was found in the Linux kernel's rxrpc subsystem. The rxkadverifyresponse function, which handles verification of responses, did not consistently release allocated memory. This oversight could lead to a memory leak, potentially causing system instability and a denial of service DoS over tim...

CVE-2026-46094

A flaw was found in the Linux kernel's ext4 filesystem, specifically in the checkxattrs function. A local attacker could exploit a bounds check error, allowing an out-of-bounds read when processing extended attributes xattrs. This could lead to memory corruption, potentially causing a denial of...

CVE-2026-46104

A flaw was found in the Linux kernel's SELinux Security-Enhanced Linux socket permission helpers. In configurations where multiple Linux Security Modules LSMs are active, the system may incorrectly access socket security data. This can lead to invalid security identifiers SIDs and class values...

CVE-2026-46105

A flaw was found in the mpt3sas driver within the Linux kernel. This vulnerability allows for oversized Non-Volatile Memory Express NVMe input/output I/O operations due to improper size limitations. An attacker or a malicious NVMe device could exploit this by issuing I/O requests that exceed the...

CVE-2026-46106

A flaw was found in the Linux kernel's eventfs component. This vulnerability allows a local attacker to trigger a race condition during remount operations. By exploiting insufficient locking mechanisms when processing event descriptors, an attacker can cause memory corruption, leading to a denial...

CVE-2026-46107

A flaw was found in the Linux kernel's Device Mapper dm-thin component. This vulnerability, a metadata reference count underflow, occurs in the rebalancechildren function. When an internal btree node with a single entry is shared, the system incorrectly tracks the usage of child nodes. This can...

CVE-2026-46111

A flaw was found in the Linux kernel's Bluetooth subsystem. The createbigcomplete function, when handling errors during the creation of a Bluetooth Isochronous Group BIG synchronization, could attempt to access memory that has already been freed. This use-after-free UAF vulnerability could allow ...

CVE-2026-46113

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

CVE-2026-46115

A flaw was found in the Linux kernel's block subsystem. The biovecphysmergeable function, which combines physically contiguous memory segments, lacked a check to ensure these segments belonged to the same device page map devpagemap. This omission could result in the incorrect identification of th...

CVE-2026-46114

A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access subsystem, specifically within the rxe driver. A remote attacker could exploit this vulnerability by sending a specially crafted ATOMICWRITE request with a zero-byte payload. This improper handling of non-8-byte ATOMICWRITE...

CVE-2026-46119

A flaw was found in the Linux kernel's libceph component. A remote attacker could exploit this vulnerability by sending a specially crafted CEPHMSGAUTHREPLY message. When the message's result field contains a positive value, it can be misinterpreted as a buffer size, leading to a slab-out-of-boun...

CVE-2026-46121

A flaw was found in the Linux kernel's DAMON Data Access MONitor sysfs interface. A race condition exists between read and write operations on the memcgpath and path files. This allows a local attacker, by performing concurrent reads and writes with separate file handles, to trigger a...

CVE-2026-9126

An use after free flaw was found in the DOM component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496280532...

CVE-2026-9124

An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496375695...

CVE-2026-9123

A heap buffer overflow flaw was found in the Chromecast component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495988507...

CVE-2026-9122

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489579953...

CVE-2026-9121

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=488064108...

CVE-2026-9712

When creating an export through the pretix API, API clients are returned an UUID value for their export job a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

CVE-2026-9583

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

CVE-2026-9607

A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcellist.php. Performing a manipulation of the argument s results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public...

CVE-2026-9498

A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...

CVE-2026-9440

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to launch the attack...

CVE-2026-9531

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

CVE-2026-9446

A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/editcustomer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed t...

CVE-2026-9464

A vulnerability has been found in YunaiV yudao-cloud 2026.03. This affects the function IotDataSinkHttpConfig of the file /admin-api/iot/data-sink/create of the component Admin API Endpoint. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit h...

CVE-2026-9511

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

CVE-2026-9542

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...

CVE-2026-46740

Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Version 0.06 changes the module from being a stats...

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

CVE-2026-38930

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...

CVE-2026-7876

IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19 is affected by an authentication bypass vulnerability. A transfer client may be able to take advantage of this vulnerability to access files in the server's local storage that they should not have access to, when specific restriction settings are not ...

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

CVE-2026-38808

SQL Injection vulnerability in uzy-ssm-mall v1.1.0 allows a remote attacker to obtain sensitive information via the ProductMapper.xml and /OrderUtil.java components...

CVE-2026-9525

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /admin/editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...

CVE-2026-9470

A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirmloggedin of the file studenttrans.php. Such manipulation of the argument FIRSTNAME/LastName/EMAIL leads to sql injection. It is possibl...

CVE-2026-9305

A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-9562

A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has...

CVE-2026-46363

phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in FAQ creation and update endpoints that bypass sanitization through encode-decode cycles. The vulnerability allows authenticated attackers with FAQADD permission to inject malicious script tags via question or answer...

CVE-2026-42082

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 §6.9.5.1. The AMF does not check for ongoing N2 handover procedures before initiating a NAS Security Mode Command,...