VIR Vulnerability Intelligence Relay

Search

Found 33,208 results in 1182ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-46119 critical 9.1 9.1 FIX debian debianwindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message of type CEPH_MSG_AUTH_REPL…
CVE-2026-46118 unknown FIX debian debian sles 7d ago In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle() commit 6d3789d347a7 ("papr-hvpipe: convert papr_hvpipe…
CVE-2026-46115 critical 9.8 9.8 FIX debian debian sleswindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used by the request merge, DMA mapping, and integrity …
CVE-2026-46109 unknown FIX debian debian sleswindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpi_register() error paths Commit 01af542392b5 ("usb: ulpi: fix double free in ulpi_register_inter…
CVE-2026-46108 unknown FIX debian debianwindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message alloca…
CVE-2026-46106 unknown FIX debian debianwindows windows 7d ago In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfs_mutex and SRCU when remount walks events Commit 340f0c7067a9 ("eventfs: Update all the eventfs_inodes from …
CVE-2026-46104 unknown FIX debian debian sles 7d ago In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sock_has…
CVE-2026-4408 critical 9.0 9.0 FIX slesdebian debian rhel 7d ago A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is config…
CVE-2024-47097 unknown 7d ago Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do.
CVE-2024-47096 unknown 7d ago Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of hand…
CVE-2026-9806 unknown 7d ago A stored cross-site scripting (XSS) vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert …
CVE-2026-32999 critical 9.0 9.0 7d ago Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the aff…
CVE-2026-32998 unknown 7d ago This vulnerability in Veeam Service Provider Console allows for remote code execution.
CVE-2026-32997 unknown 7d ago A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server.
CVE-2026-32996 unknown 7d ago This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
CVE-2026-9789 unknown 7d ago A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe wi…
CVE-2026-46621 critical 9.5 7d ago Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection
CVE-2026-46562 critical 9.5 7d ago Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override
CVE-2026-9739 unknown 8d ago Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and `allowed-hosts` flags to align with MCP security guidelines. Howev…
CVE-2026-8364 critical 9.8 9.8 8d ago Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo,…
CVE-2026-8363 critical 9.8 9.8 8d ago A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:
CVE-2026-8362 critical 9.8 9.8 8d ago A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome
CVE-2026-44590 critical 9.3 9.3 8d ago Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pul…
CVE-2026-25879 critical 9.8 9.8 8d ago Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent executes SQL produced by an LLM, which is influenceable by prompt injection. When…
CVE-2026-44886 unknown 8d ago Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi…
CVE-2026-44887 critical 9.8 9.8 8d ago Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. S…
CVE-2026-44888 critical 9.8 9.8 8d ago Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly…
CVE-2026-45102 critical 9.9 9.9 8d ago OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc…
CVE-2026-47161 unknown 8d ago RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta…
CVE-2026-45618 critical 9.5 8d ago LiquidJS is Vulnerable to Remote Code Execution
CVE-2026-45087 critical 10.0 10.0 8d ago Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode (dalfox server), the server binds to 0.0.0.0:6664 by de…
CVE-2026-46425 critical 9.9 9.9 8d ago Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise featu…
CVE-2026-48150 critical 9.0 9.0 8d ago Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-…
CVE-2026-44315 critical 9.4 9.4 free5gc 8d ago free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-pfd-management API without inbound OAuth2/bearer-token authorization. A network attacker…
CVE-2026-48027 critical 9.8 10.0 KEV nx 8d ago Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfuscated payload that could harvest…
CVE-2026-44326 critical 9.4 9.4 free5gc 8d ago free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attac…
CVE-2026-44327 critical 10.0 10.0 free5gc 8d ago free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker wh…
CVE-2026-44329 critical 10.0 10.0 free5gc 8d ago free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network at…
CVE-2026-44330 critical 10.0 10.0 free5gc 8d ago free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network a…
CVE-2026-44839 unknown FIX slesdebian debianwindows windows 8d ago RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13.
CVE-2026-44838 unknown FIX slesdebian debian 8d ago RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrat…
CVE-2026-48808 unknown FIX debian debian 8d ago Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface`
CVE-2026-48807 unknown FIX debian debian 8d ago Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators
CVE-2026-48806 unknown FIX debian debian 8d ago Sandbox `__toString()` policy bypass via dynamic mapping keys
CVE-2026-48805 unknown FIX debian debian 8d ago Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`
CVE-2026-46636 unknown FIX debian debian 8d ago Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders
CVE-2026-9712 unknown 8d ago When creating an export through the pretix API, API clients are returned an UUID value for their export job (a long, random string like 35742818-c375-4d15-839f-d49aecce94d6). Using this UUID, the A…
CVE-2026-44830 unknown 8d ago Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when API_TOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authenticat…
CVE-2026-7876 critical 9.1 9.1 ibm 8d ago IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
CVE-2026-8175 critical 9.8 9.8 8d ago IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affecte…
CVE-2026-7524 critical 9.8 9.8 langflow 8d ago IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.
CVE-2026-46103 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tie…
CVE-2026-46101 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nft_bitwise Reject zero shift operands for nft_bitwise left and right shift expressions during in…
CVE-2026-46098 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown `caif_connect()` can tear down an existing client after remote shutdown by ca…
CVE-2026-46097 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e ("Input: edt-ft5x06 - use per-client debugfs d…
CVE-2026-46096 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() tpm2_read_public() calls tpm_buf_init() but fails to call tpm_…
CVE-2026-46095 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmap_state_mach…
CVE-2026-46094 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access The bounds check for the next xattr entry in check_xattr…
CVE-2026-46092 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pci_upstream_bridge() returns NULL if the device is on a root bus. If 8821C…
CVE-2026-46091 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. H…
CVE-2026-46089 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAG…
CVE-2026-46088 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() snd_ctl_elem_init_enum_names() advances pointe…
CVE-2026-46087 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start() Destroy the DAMON context and reset the global poin…
CVE-2026-46086 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by `fdb_delete_local()`, wh…
CVE-2026-46084 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed (e.g. DPDK exit), mana_ib_destroy_qp_rss() destro…
CVE-2026-46083 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a d…
CVE-2026-46082 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inj…
CVE-2026-46080 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via …
CVE-2026-46079 unknown FIX slesdebian debianwindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when device_add_disk() fails do_rbd_add() publishes the device with device_add() before calling device_ad…
CVE-2026-46077 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, ->dma_addr_out must be synced with dma_sync…
CVE-2026-46075 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new ->read() calls and f…
CVE-2026-46074 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB…
CVE-2026-46073 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt wait_for_completion_interruptible_timeout() returns -ERESTARTSYS w…
CVE-2026-46072 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to run_unpack() run_unpack() checks `run_buf < run_last` at the top of the while loop but then …
CVE-2026-46071 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12 svm_copy_lbrs() always marks VMCB_LBR dirty in the destination VMCB. However, nested…
CVE-2026-46069 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup() The mwifiex_adapter_cleanup() function uses timer_delete() (non-sy…
CVE-2026-46068 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx The bounce buffers are allocated with __get_free_pages() us…
CVE-2026-46067 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp Users can set damos_quota_goal->nid with arbitrary va…
CVE-2026-46066 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ceph: fix num_ops off-by-one when crypto allocation fails move_dirty_folio_in_page_array() may fail if the file is encrypted, the…
CVE-2026-46064 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasm_send_i2o_message() The ibmasm_send_i2o_message() function uses get_dot_command_size() to com…
CVE-2026-46063 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this…
CVE-2026-46061 unknown FIX slesdebian debian 8d ago In the Linux kernel, the following vulnerability has been resolved: jbd2: fix deadlock in jbd2_journal_cancel_revoke() Commit f76d4c28a46a ("fs/jbd2: use sleeping version of __find_get_block()") ch…
CVE-2026-46060 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adf_dev_up() partially completes and then fails, the IRQ handlers regist…
CVE-2026-46059 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRI…
CVE-2026-46057 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork() hook_cred_transfer() only copies the Landlock security blob when the s…
CVE-2026-46051 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retry_aligned_read() When retry_aligned_read() encounters an overlapped stripe, it releases the stri…
CVE-2026-46050 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix deadlock with check operation and nowait requests When an array check is running it will raise the barrier at whic…
CVE-2026-46049 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdif_passthru_playback_get_resources() uses atc->pll_rate as the RSR for the…
CVE-2026-46048 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usb_dev refcount leak on probe failure create_card() takes a reference on the USB device with usb_get_dev() and …
CVE-2026-46047 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove() In the remove callback, if a packet arrives after destroy_workqueue() is cal…
CVE-2026-46046 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() The commit c8e008b60492 ("ext4: ignore xattrs past end") introduced …
CVE-2026-46045 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: skip reading rdevs that are not in_sync When reading bitmap pages from member disks, the code iterates through al…
CVE-2026-46044 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts …
CVE-2026-46043 critical 9.1 9.1 FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() currently checks only that the incoming packet is at l…
CVE-2026-46042 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leaks in weighted_interleave_auto_store() weighted_interleave_auto_store() fetches old_wi_state inside t…
CVE-2026-46041 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames() hdlc_append() calls usleep_range() to wait for circular b…
CVE-2026-46040 unknown FIX debian debianwindows windows sles 8d ago In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails When fsnotify_add_inode_mark_locked() fails in inotify_…
CVE-2026-46039 critical 9.8 9.8 FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgk_extract_token() when checking the len…
CVE-2026-46038 unknown FIX debian debian sleswindows windows 8d ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrl_cmd_bye() A node sends the BYE packet when it is about to go down. So the nameserver sho…
CVE-2026-46035 unknown FIX debian debian sles 8d ago In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP On UP kernels (!CONFIG_SMP), spin_trylock() is a n…