VIR Vulnerability Intelligence Relay

Search

Found 117 results in 16ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-9092 critical 9.1 9.1 6d ago Casdoor versions 2.362.0 and earlier contain a vulnerability involving unverified email binding that may enable account takeover. The getExistUserByBindingRule function matches users by email without…
CVE-2026-9090 critical 9.1 9.1 6d ago Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCertificateStore function extra…
CVE-2026-38707 critical 9.8 9.8 inhandnetworks 6d ago A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier ve…
CVE-2026-38704 critical 9.8 9.8 inhandnetworks 6d ago A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlie…
CVE-2026-38703 critical 9.8 9.8 inhandnetworks 6d ago A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier…
CVE-2026-38702 critical 9.8 9.8 inhandnetworks 6d ago A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier…
CVE-2026-24444 critical 9.8 9.8 6d ago SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that a…
CVE-2026-22872 critical 9.1 9.1 projectcapsule 6d ago Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets th…
CVE-2026-46195 critical 9.8 9.8 FIX debian debian sleswindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers parse_sec_desc(), build_sec_desc(), and the chown path in id_mode_…
CVE-2026-46185 critical 9.1 9.1 FIX debian debian sleswindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlink_data() Since smb2_check_message() returns success without length validation for the…
CVE-2026-46155 critical 9.1 9.1 FIX debian debianwindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2_compound_op() If a server sends a truncated response but a large OutputBufferLength, a…
CVE-2026-46137 critical 9.8 9.8 FIX debian debianwindows windows sles 7d ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix potential data-race This mptcp_pm_add_timer() helper is executed as a timer callback in softirq cont…
CVE-2026-46135 critical 9.8 9.8 FIX debian debianwindows windows sles 7d ago In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmet_tcp_handle_icreq() updates queue->state after sending an Init…
CVE-2026-46119 critical 9.1 9.1 FIX debian debianwindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message of type CEPH_MSG_AUTH_REPL…
CVE-2026-46115 critical 9.8 9.8 FIX debian debian sleswindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used by the request merge, DMA mapping, and integrity …
CVE-2026-4408 critical 9.0 9.0 FIX slesdebian debian rhel 7d ago Important: samba security update
CVE-2026-32999 critical 9.0 9.0 7d ago Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the aff…