
205468 matches found

RedhatCVE • added 2026/05/13 8:22 p.m. • 9 views

CVE-2026-33841

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVSS 7.8 • AI score 6 • EPSS 0.0031
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 10 views

CVE-2026-34333

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

CVSS 7.8 • AI score 5.8 • EPSS 0.00298
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 7 views

CVE-2026-34329

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...

CVSS 8.8 • AI score 6.1 • EPSS 0.00461
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 6 views

CVE-2026-33837

Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVSS 7.8 • AI score 6 • EPSS 0.01838
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 6 views

CVE-2026-33821

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...

CVSS 9.9 • AI score 5.8 • EPSS 0.00659
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 9 views

CVE-2026-33840

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

CVSS 7.8 • AI score 5.4 • EPSS 0.02014
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 9 views

CVE-2026-33117

The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may...

CVSS 9.1 • AI score 6 • EPSS 0.00479
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 5 views

CVE-2026-33833

Improper neutralization of special elements in output used by a downstream component 'injection' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...

CVSS 8.2 • AI score 5.8 • EPSS 0.00498
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:22 p.m. • 3 views

CVE-2026-33834

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally...

CVSS 7.8 • AI score 5.8 • EPSS 0.00272
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:21 p.m. • 9 views

CVE-2026-23826

A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitati...

CVSS 7.5 • AI score 5.8 • EPSS 0.00404
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:21 p.m. • 5 views

CVE-2025-65719

An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...

CVSS 9.8 • AI score 6.2 • EPSS 0.00578
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:21 p.m. • 9 views

CVE-2026-23827

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged use...

CVSS 7.5 • AI score 6.7 • EPSS 0.00535
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:21 p.m. • 6 views

CVE-2026-23825

Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may...

CVSS 7.5 • AI score 5.8 • EPSS 0.00329
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:21 p.m. • 4 views

CVE-2026-21530

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally...

CVSS 6.7 • AI score 5.8 • EPSS 0.00319
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 8:21 p.m. • 5 views

CVE-2026-28907

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation. Mitigation: Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK...

CVSS 8.1 • AI score 5.8 • EPSS 0.00304
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 8:21 p.m. • 7 views

CVE-2026-28902

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Mitigation: Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

CVSS 8.8 • AI score 5.8 • EPSS 0.003
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 8:21 p.m. • 11 views

CVE-2026-28903

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Mitigation: Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

CVSS 8.8 • AI score 5.8 • EPSS 0.00307
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 8:21 p.m. • 8 views

CVE-2026-28847

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Mitigation: Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

CVSS 8.8 • AI score 7.2 • EPSS 0.00513
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 7:40 p.m. • 8 views

CVE-2026-42402

A flaw was found in Apache Neethi. A remote attacker can exploit this vulnerability by providing specially crafted WS-Policy documents. This triggers an algorithmic complexity issue during policy normalization, leading to an exponential expansion of policy alternatives. This unbounded memory...

CVSS 7.5 • AI score 5.6 • EPSS 0.00711
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 7:23 p.m. • 10 views

CVE-2026-41257

A flaw was found in jq, a command line JSON processor. The memory allocation size is calculated using a signed integer that can overflow when processing deeply nested generator forks. This integer overflow allows an attacker who can supply a sufficiently nested input to influence the memory...

CVSS 7.3 • AI score 5.8 • EPSS 0.00142
Exploits 1 • References 4

RedhatCVE • added 2026/05/13 7:23 p.m. • 9 views

CVE-2026-44777

A flaw was found in jq, a command line JSON processor. The module loader fails to perform cycle detection when resolving imports. This missing cycle detection allows an attacker who can supply crafted modules with circular dependencies to exhaust the stack memory, causing an application crash,...

CVSS 6.8 • AI score 5.7 • EPSS 0.00161
Exploits 1 • References 4

RedhatCVE • added 2026/05/13 6:55 p.m. • 10 views

CVE-2026-42403

A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...

CVSS 7.5 • AI score 5.7 • EPSS 0.00763
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:37 p.m. • 5 views

CVE-2026-43476

A flaw was found in the Linux kernel, specifically within a module responsible for handling sensor data. This vulnerability is caused by an error in calculating the correct size for a data buffer. An attacker could potentially exploit this issue to corrupt memory, which might lead to the system...

CVSS 7.8 • AI score 5.8 • EPSS 0.00121
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:37 p.m. • 4 views

CVE-2026-37630

A flaw was found in QuickJS-NG. An attacker can exploit an issue within the jsmappedargumentsmark function to execute arbitrary code. This vulnerability allows for unauthorized code execution, potentially leading to a complete compromise of the affected system...

CVSS 7.3 • AI score 6 • EPSS 0.00233
Exploits 0 • References 2

RedhatCVE • added 2026/05/13 5:32 p.m. • 5 views

CVE-2026-43477

A flaw was found in the Linux kernel. Incorrectly configuring Variable Refresh Rate VRR timings before enabling display functionality can cause the system to hang. This issue, which may occur with certain display setups, can lead to a complete system freeze, resulting in a denial of service...

CVSS 5.5 • AI score 5.8 • EPSS 0.00155
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:32 p.m. • 5 views

CVE-2026-43896

A flaw was found in jq, a command line JSON processor. The jvobjectmergerecursive function, reachable via the operator when both operands are objects, does not have a depth limit when processing nested objects. This missing depth limit allows an attacker who can supply a sufficiently nested input...

CVSS 6.2 • AI score 5.8 • EPSS 0.00154
Exploits 1 • References 4

RedhatCVE • added 2026/05/13 5:32 p.m. • 5 views

CVE-2026-43479

A flaw was found in the Linux kernel's USB network device driver lan78xx. A redundant function call during the disconnection of a USB device can trigger a kernel warning. This issue may lead to system instability or a denial of service, impacting the availability of the system...

AI score 5.8 • EPSS 0.00155
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:31 p.m. • 8 views

CVE-2026-40612

A flaw was found in jq, a command line JSON processor. The jvcontains function does not have a depth limit when processing nested arrays or objects. This missing depth limit allows an attacker who can supply a sufficiently nested input structure to exhaust the stack memory, causing an application...

CVSS 6.8 • AI score 5.8 • EPSS 0.00161
Exploits 1 • References 4

RedhatCVE • added 2026/05/13 5:31 p.m. • 7 views

CVE-2026-31835

A flaw was found in Vaultwarden. The WebAuthn authentication process in versions 1.35.4 and earlier incorrectly updates user credential information before fully verifying the authentication signature. This allows an attacker who possesses a user's password, but cannot complete the WebAuthn...

CVSS 5.4 • AI score 5.8 • EPSS 0.00151
Exploits 1 • References 2

RedhatCVE • added 2026/05/13 5:27 p.m. • 7 views

CVE-2026-43482

A flaw was found in the Linux kernel's schedext component. If a task is preempted between the scxclaimexit function and the subsequent helper work activation, and the BPF Berkeley Packet Filter scheduler fails to reschedule it, the system can become unresponsive. This can lead to a denial of...

AI score 5.8 • EPSS 0.00164
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:27 p.m. • 7 views

CVE-2026-43483

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically within the SVM Secure Virtual Machine module. This vulnerability arises from incorrect handling of CR8 write interceptions when the Advanced Virtual Interrupt Controller AVIC is activated or deactivate...

CVSS 5.5 • AI score 5.8 • EPSS 0.00161
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:26 p.m. • 7 views

CVE-2026-43480

A flaw was found in the Linux kernel, specifically within the ASoC AMD audio driver. This vulnerability stems from a missing error check during clock acquisition, which could cause the system to attempt to access invalid memory. Such an action can lead to a system crash, resulting in a Denial of...

AI score 5.8 • EPSS 0.00165
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:20 p.m. • 6 views

CVE-2026-43485

A flaw was found in the Linux kernel's nouveau/gsp module. This issue involved the frequent triggering of diagnostic WARNON messages during ACPI Advanced Configuration and Power Interface probes. While these warnings were considered largely benign, their persistent appearance indicated an...

AI score 5.7 • EPSS 0.00155
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:19 p.m. • 7 views

CVE-2026-43484

A flaw was found in the Linux kernel's MultiMediaCard MMC core. Concurrent updates to bitfield flags, specifically 'claimed' and 'retunenow', can lead to unintended overwrites of other bits in asynchronous contexts. This can trigger spurious warnings and result in system instability or unexpected...

CVSS 5.5 • AI score 5.8 • EPSS 0.00161
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:14 p.m. • 6 views

CVE-2026-43486

A flaw was found in the Linux kernel. The contpteptepsetaccessflags function, responsible for managing contiguous page table entries CONT PTEs on ARM64 architectures, incorrectly determines when an access flag update is a no-op. This can occur when a sibling page table entry's dirty bit causes th...

CVSS 5.5 • AI score 5.8 • EPSS 0.00156
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:9 p.m. • 5 views

CVE-2026-43489

A flaw was found in the Linux kernel's liveupdate mechanism. When a retrieve operation fails, the system does not properly record the failure status. This allows a local attacker to repeatedly attempt the operation, potentially leading to attempts to access or free already freed data structures...

AI score 5.8 • EPSS 0.00164
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 5:8 p.m. • 7 views

CVE-2026-43488

A flaw was found in the Linux kernel's xHCI eXtensible Host Controller Interface driver. When a USB Attached SCSI UAS storage device is connected or disconnected, the xHCI controller can report a Host Controller Error HCE. Improper handling of this error can lead to an interrupt storm, causing...

CVSS 5.5 • AI score 5.8 • EPSS 0.00156
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 4:58 p.m. • 5 views

CVE-2026-43478

A flaw was found in the Linux kernel's ASoC rt1011 codec component. An incorrect helper function used to retrieve the Digital Audio Power Management DAPM context in rt1011recvspkmodeput can lead to a null pointer dereference. This issue could allow a local attacker to cause a system crash,...

CVSS 5.5 • AI score 5.8 • EPSS 0.00145
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 4:53 p.m. • 5 views

CVE-2026-43481

A flaw was found in the Linux kernel's net-shapers component. An issue exists where the skb socket buffer is freed twice if genlmsgreply fails, leading to a double-free vulnerability. This can result in memory corruption or a denial of service DoS condition, potentially allowing a local attacker ...

CVSS 7.8 • AI score 5.8 • EPSS 0.00119
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 4:0 p.m. • 7 views

CVE-2026-46300

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

CVSS 7.8 • AI score 6.1 • EPSS 0.03663
Exploits 10 • References 3

RedhatCVE • added 2026/05/13 3:43 p.m. • 11 views

CVE-2026-41674

A flaw was found in xmldom and @xmldom/xmldom, a JavaScript library for parsing and serializing XML. This vulnerability allows an attacker to inject arbitrary XML markup into a document due to improper handling of DocumentType node fields during serialization. By crafting malicious input, an...

CVSS 8.7 • AI score 6 • EPSS 0.00392
Exploits 0 • References 7

RedhatCVE • added 2026/05/13 3:43 p.m. • 9 views

CVE-2026-8449

No description is available for this CVE...

AI score 5.8 • EPSS 0.00179
Exploits 0 • References 6

RedhatCVE • added 2026/05/13 3:34 p.m. • 9 views

CVE-2026-43330

A flaw was found in the Linux kernel's caam cryptographic accelerator driver. When processing a Hash-based Message Authentication Code HMAC key that exceeds the block size, the driver incorrectly handles memory allocation and copying. This can lead to an overflow, where the system attempts to rea...

CVSS 7.8 • AI score 5.8 • EPSS 0.00129
Exploits 0 • References 4

RedhatCVE • added 2026/05/13 2:22 p.m. • 10 views

CVE-2026-6815

An arbitrary file write vulnerability exists in Casdoor's Local File System storage provider. Due to insufficient path sanitization, an authenticated attacker with administrative privileges can perform a Path Traversal attack to create or overwrite arbitrary files anywhere on the host filesystem,...

CVSS 5.9 • AI score 5.9 • EPSS 0.00513
Exploits 5 • References 1

RedhatCVE • added 2026/05/13 2:22 p.m. • 4 views

CVE-2026-31244

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories/memoryid. The endpoint allows unauthenticated users to delete arbitrary memory records without verifying their identity or permissions. A remote attacker can exploit this by...

CVSS 6.5 • AI score 6 • EPSS 0.00386
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 2:22 p.m. • 6 views

CVE-2026-6146

Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys. Amazon::Credentials stores credentials in an obfuscated form to prevent access to the secrets from a data dump of the object. Before version 1.3.0, the secrets were encrypted using a 64-bit key that was...

CVSS 5.3 • AI score 5.8 • EPSS 0.00174
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 2:22 p.m. • 6 views

CVE-2026-31241

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories. The endpoint allows unauthenticated users to delete memory records by specifying arbitrary user identifiers e.g., userid, runid, agentid in the request query parameters. A...

CVSS 6.5 • AI score 6 • EPSS 0.00386
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 2:22 p.m. • 7 views

CVE-2026-31226

The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability CWE-78 in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...

CVSS 9.8 • AI score 6.5 • EPSS 0.01158
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 2:22 p.m. • 8 views

CVE-2026-43652

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...

CVSS 7.5 • AI score 5.8 • EPSS 0.00245
Exploits 0 • References 1

RedhatCVE • added 2026/05/13 2:22 p.m. • 6 views

CVE-2026-31225

The superduper project thru v0.10.0 contains a critical remote code execution vulnerability in its query parsing component. The parseoppart function in query.py uses the unsafe eval function to dynamically evaluate user-supplied query operands without proper sanitization or restriction. Although...

CVSS 8.8 • AI score 6.5 • EPSS 0.00405
Exploits 0 • References 1

Total number of security vulnerabilities: 205468