200
CVEs
40
Threats
2
News
76
Critical
77
CISA KEV
🛡 Security Vulnerabilities (CVE)
ConnectWise ScreenConnect — CVE-2024-1708
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
Required Action: Apply mitigations per vendor instructions,…
CVE-2026-32202
Microsoft Windows Shell Protection Mechanism Failure Enables Network Spoofing
01:24 KSA
Microsoft Windows — CVE-2026-32202
Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guida…
Microsoft Windows Privilege Escalation Vulnerability — smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Microsoft Windows Privilege Escalation Vulnerability — A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Cisco IOS Denial-of-Service Vulnerability — Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
Microsoft Windows Kernel Privilege Escalation Vulnerability — Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.
D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability — A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.
Linux Kernel Improper Input Validation Vulnerability — The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege…
Ruby on Rails Directory Traversal Vulnerability — Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.
OpenSSL Information Disclosure Vulnerability — The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.
Linux Kernel Race Condition Vulnerability — Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.
Microsoft Internet Explorer Use-After-Free Vulnerability — Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.
Adobe Reader and Acrobat Use-After-Free Vulnerability — Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.
Adobe Flash Player Integer Underflow Vulnerablity — Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.
Adobe Flash Player Double Free Vulnerablity — Adobe Flash Player contains a double free vulnerability that allows a remote attacker to execute arbitrary code.
Adobe Reader and Acrobat Sandbox Bypass Vulnerability — Adobe Reader and Acrobat on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.
InduSoft Web Studio NTWebServer Directory Traversal Vulnerability — InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.
CVE-2014-100005
D-Link DIR-600 Router CSRF Vulnerability Enables Unauthorized Configuration Changes
11:01 KSA
D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability — D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.
Microsoft Word Memory Corruption Vulnerability — Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.
Microsoft Internet Explorer Memory Corruption Vulnerability — Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability — Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated a…
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability — Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HT…
CVE-2014-2817
Microsoft Internet Explorer Privilege Escalation Vulnerability CVE-2014-2817
11:01 KSA
Microsoft Internet Explorer Privilege Escalation Vulnerability — Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.
Elasticsearch Remote Code Execution Vulnerability — Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.
Linux Kernel Privilege Escalation Vulnerability — The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges.
Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability — Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause an arbitrary memory write and memory corruption.
Microsoft IME Japanese Privilege Escalation Vulnerability — Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspeci…
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability — A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
CVE-2014-4123
Microsoft Internet Explorer Privilege Escalation Vulnerability CVE-2014-4123
11:01 KSA
Microsoft Internet Explorer Privilege Escalation Vulnerability — Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.
Microsoft Windows Remote Code Execution Vulnerability — A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.
Apple OS X Heap-Based Buffer Overflow Vulnerability — Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability — GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
GNU Bash OS Command Injection Vulnerability — GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via a crafted environment.
Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability — The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.
Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability — The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.
Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability — OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.
Microsoft Windows Code Injection Vulnerability — Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability — GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability…
Realtek SDK Improper Input Validation Vulnerability — Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.
Adobe Flash Player Dereferenced Pointer Vulnerability — Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.
Adobe Flash Player Stack-Based Buffer Overflow Vulnerability — Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.
Microsoft Windows TS WebProxy Directory Traversal Vulnerability — Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.
Microsoft Internet Explorer ASLR Bypass Vulnerability — Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.
Adobe Flash Player ASLR Bypass Vulnerability — Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.
Adobe Flash Player Remote Code Execution Vulnerability — Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.
Adobe Flash Player Use-After-Free Vulnerability — Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability — Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability — The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
Microsoft HTTP.sys Remote Code Execution Vulnerability — Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.
Microsoft Office Memory Corruption Vulnerability — Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user.
Microsoft Office Memory Corruption Vulnerability — Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document.
Microsoft MSHTML Remote Code Execution Vulnerability — Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution vulnerability.
Microsoft Windows Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Microsoft SharePoint Remote Code Execution Vulnerability — Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote code in the context of the SharePoint application pool and the Shar…
CVE-2019-0676
Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2019-0676)
11:01 KSA
Microsoft Internet Explorer Information Disclosure Vulnerability — An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.
Microsoft Windows SMB Information Disclosure Vulnerability — An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.
CVE-2019-0708
Microsoft Remote Desktop Services RCE Vulnerability (BlueKeep) - CVE-2019-0708
11:01 KSA
Microsoft Remote Desktop Services Remote Code Execution Vulnerability — Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send speciall…
Microsoft Internet Explorer Type Confusion Vulnerability — A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
CVE-2019-0808
Microsoft Win32k Privilege Escalation Vulnerability - Kernel Mode Code Execution
11:01 KSA
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run code in kernel mode.
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated co…
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability — Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
Microsoft Windows Privilege Escalation Vulnerability — A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medi…
Microsoft GDI Remote Code Execution Vulnerability — A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected…
Jenkins Script Security Plugin Sandbox Bypass Vulnerability — Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.
WhatsApp Cross-Site Scripting Vulnerability — A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability — Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe…
TeamViewer Desktop Bypass Remote Login Vulnerability — TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, they could decrypt protected information store…
Sangoma FreePBX Improper Authentication Vulnerability — Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services provided by the FreePBX admin.
Netis WF2419 Devices Remote Code Execution Vulnerability — Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability — Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.
TVT NVMS-1000 Directory Traversal Vulnerability — TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.
D-Link DWL-2600AP Access Point Command Injection Vulnerability — D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save …
Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint (`site/blueprints/users/...`). It is also pos…
OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging unre…
CVE-2026-41404
OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that
05:54 KSA
OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that allows operator.admin privilege escalation. Attackers can exploit this by declaring operator scopes on non-Control-UI clients, allowing self-declared scopes to …
CVE-2026-41476
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's c
22:18 KSA
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The issue is in the implementation of…
CVE-2026-42422
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting to
05:54 KSA
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval.
CVE-2026-42426
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts ope
05:54 KSA
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions…
A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit ha…
A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public an…
CVE-2026-41371
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway ca
19:00 KSA
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without re…
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies.
OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes without authentication to perform privileged runtime actions intended for authorized op…
CVE-2026-40344
MinIO Authentication Bypass in Snowball Auto-Extract Handler (CVE-2026-40344)
04:00 KSA
MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's Snowball auto-extract handler (`PutObjectExtractHandler`) allows any user who knows a valid acc…
MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's `STREAMING-UNSIGNED-PAYLOAD-TRAILER` code path
allows any user who knows a valid access key to …
OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the d…
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint (`site/blu…
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid …
CVE-2026-41364
OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attack
19:00 KSA
OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can exploit this by uploading tar archives containing symlinks to escape the sandbox and overwrite files on the remote h…
OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config pa…
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser configuratio…
OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. Attackers can craft malicious workspace configs to inject arbitrary enviro…
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package reso…
OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_PLUGINS_DIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by overriding the bundled plugin trust…
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute privileged commands on the local ass…
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL.
CVE-2025-71089
In the Linux kernel, the following vulnerability has been resolved:
iommu: disable SVA when CONFIG_X86 is set
Patch se
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
iommu: disable SVA when CONFIG_X86 is set
Patch series "Fix stale IOTLB entries for kernel address space", v7.
This proposes a fix for a security vulnerability related to IOMMU Shared
Virtual Addressing (SVA).…
CVE-2025-71145
In the Linux kernel, the following vulnerability has been resolved:
usb: phy: isp1301: fix non-OF device reference imba
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
usb: phy: isp1301: fix non-OF device reference imbalance
A recent change fixing a device reference leak in a UDC driver
introduced a potential use-after-free in the non-OF case as the
isp1301_get_client() helpe…
CVE-2025-71152
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: properly keep track of conduit reference
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: properly keep track of conduit reference
Problem description
-------------------
DSA has a mumbo-jumbo of reference handling of the conduit net device
and its kobject which, sadly, is just wrong and …
CVE-2025-71155
In the Linux kernel, the following vulnerability has been resolved:
KVM: s390: Fix gmap_helper_zap_one_page() again
A
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
KVM: s390: Fix gmap_helper_zap_one_page() again
A few checks were missing in gmap_helper_zap_one_page(), which can lead
to memory corruption in the guest under specific circumstances.
Add the missing checks.
CVE-2025-71156
In the Linux kernel, the following vulnerability has been resolved:
gve: defer interrupt enabling until NAPI registrati
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
gve: defer interrupt enabling until NAPI registration
Currently, interrupts are automatically enabled immediately upon
request. This allows interrupt to fire before the associated NAPI
context is fully initiali…
CVE-2025-71157
In the Linux kernel, the following vulnerability has been resolved:
RDMA/core: always drop device refcount in ib_del_su
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
RDMA/core: always drop device refcount in ib_del_sub_device_and_put()
Since nldev_deldev() (introduced by commit 060c642b2ab8 ("RDMA/nldev: Add
support to add/delete a sub IB device through netlink") grabs a re…
CVE-2025-71159
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix use-after-free warning in btrfs_get_or_c
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix use-after-free warning in btrfs_get_or_create_delayed_node()
Previously, btrfs_get_or_create_delayed_node() set the delayed_node's
refcount before acquiring the root->delayed_nodes lock.
Commit e8513…
CVE-2025-71162
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: tegra-adma: Fix use-after-free
A use-af
04:01 KSA
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: tegra-adma: Fix use-after-free
A use-after-free bug exists in the Tegra ADMA driver when audio streams
are terminated, particularly during XRUN conditions. The issue occurs
when the DMA buffer is fre…
CVE-2025-9711
A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user
04:01 KSA
A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash she
04:01 KSA
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command.
CVE-2026-0405
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access th
04:01 KSA
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin.
CVE-2026-0536
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerabil
04:01 KSA
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2026-0537
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A mal
04:01 KSA
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2026-0538
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A
04:01 KSA
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2026-0651
On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, al
04:01 KSA
On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, allowing local unauthenticated probing of filesystem paths. An attacker on the local network can determine whether certain files exists on the device, with no rea…
CVE-2026-0659
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bo
04:01 KSA
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2026-0660
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerabil
04:01 KSA
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2026-0661
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A mal
04:01 KSA
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2026-0662
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitra
04:01 KSA
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.
CVE-2026-0859
TYPO3's mail‑file spool deserialization flaw lets local users with write access to the spool directory craft a malicious
04:01 KSA
TYPO3's mail‑file spool deserialization flaw lets local users with write access to the spool directory craft a malicious file that is deserialized during the mailer:spool:send command, enabling arbitrary PHP code execution on the web server. This issue affects TYPO3 CMS versions …
CVE-2026-0870
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching
04:01 KSA
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
CVE-2026-1260
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created
04:01 KSA
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure.
CVE-2026-1442
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an a
04:30 KSA
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go…
CVE-2026-20614
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 2
04:01 KSA
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to gain root privileges.
CVE-2026-20615
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tah
04:01 KSA
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to gain root privileges.
CVE-2026-20698
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4
23:54 KSA
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2026-20816
Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileg
04:01 KSA
Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2026-20826
Concurrent execution using shared resource with improper synchronization ('race condition') in Tablet Windows User Inter
04:01 KSA
Concurrent execution using shared resource with improper synchronization ('race condition') in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2026-20831
Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized
04:01 KSA
Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-20951
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
04:01 KSA
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
CVE-2026-20979
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary act
04:01 KSA
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
CVE-2026-20983
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attacke
04:01 KSA
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
CVE-2026-21224
Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally
04:01 KSA
Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-2123
A security audit identified a privilege escalation
vulnerability in Operations Agent(<=OA 12.29) on Windows. Under speci
17:48 KSA
A security audit identified a privilege escalation
vulnerability in Operations Agent(
CVE-2026-21240
Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privilege
04:01 KSA
Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
CVE-2026-21274
Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result
04:01 KSA
Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthori…
CVE-2026-21275
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that
04:01 KSA
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a …
CVE-2026-21276
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that
04:01 KSA
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a …
CVE-2026-21277
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could
04:01 KSA
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malici…
CVE-2026-21281
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in
04:01 KSA
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21283
Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in
04:01 KSA
Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21287
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbi
04:01 KSA
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21298
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result
04:01 KSA
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fil…
CVE-2026-21299
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result
04:01 KSA
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fil…
CVE-2026-21304
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could
04:01 KSA
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malici…
CVE-2026-21305
Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result
04:01 KSA
Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fil…
CVE-2026-21306
Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result
04:01 KSA
Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file…
CVE-2026-21307
Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write vulnerability that could resul
04:01 KSA
Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi…
CVE-2026-21312
Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary c
04:01 KSA
Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21318
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitr
04:01 KSA
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21320
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co
04:01 KSA
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21321
After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could resul
04:01 KSA
After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi…
CVE-2026-21322
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file,
04:01 KSA
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the…
CVE-2026-21323
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co
04:01 KSA
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21324
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file,
04:01 KSA
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the…
CVE-2026-21325
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file,
04:01 KSA
After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the…
CVE-2026-21326
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co
04:01 KSA
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21327
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitr
04:01 KSA
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21328
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitr
04:01 KSA
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21329
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co
04:01 KSA
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21330
After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion')
04:01 KSA
After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a …
CVE-2026-21334
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could resul
04:01 KSA
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi…
CVE-2026-21335
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could resul
04:01 KSA
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi…
CVE-2026-21341
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result i
04:01 KSA
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21342
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result i
04:01 KSA
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21343
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a craft
04:01 KSA
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the contex…
CVE-2026-21344
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a craft
04:01 KSA
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the contex…
CVE-2026-21345
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a craft
04:01 KSA
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the contex…
CVE-2026-21346
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arb
04:01 KSA
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21347
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could re
04:01 KSA
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
CVE-2026-21349
Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in ar
04:01 KSA
Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21351
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co
04:01 KSA
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21352
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitr
04:01 KSA
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-21353
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could resul
04:01 KSA
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi…
CVE-2026-21357
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could
04:01 KSA
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malici…
CVE-2026-21371
Memory Corruption when retrieving output buffer with insufficient size validation.
00:38 KSA
Memory Corruption when retrieving output buffer with insufficient size validation.
CVE-2026-21372
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
00:38 KSA
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
CVE-2026-21373
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validatio
05:45 KSA
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
CVE-2026-21375
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21376
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21378
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21380
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
05:45 KSA
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
CVE-2026-21382
Memory Corruption when handling power management requests with improperly sized input/output buffers.
11:54 KSA
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Memory corruption while using alignments for memory allocation.
CVE-2026-22561
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.336
03:23 KSA
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enab…
CVE-2026-22676
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gai
13:54 KSA
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation conte…
CVE-2026-31485
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-fsl-lpspi: fix teardown order issue (UAF)
22:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-fsl-lpspi: fix teardown order issue (UAF)
There is a teardown order issue in the driver. The SPI controller is
registered using devm_spi_register_controller(), which delays
unregistration of the SPI co…
CVE-2026-31489
In the Linux kernel, the following vulnerability has been resolved:
spi: meson-spicc: Fix double-put in remove path
me
22:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
spi: meson-spicc: Fix double-put in remove path
meson_spicc_probe() registers the controller with
devm_spi_register_controller(), so teardown already drops the
controller reference via devm cleanup.
Calling sp…
CVE-2026-31493
In the Linux kernel, the following vulnerability has been resolved:
RDMA/efa: Fix use of completion ctx after free
On
22:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
RDMA/efa: Fix use of completion ctx after free
On admin queue completion handling, if the admin command completed with
error we print data from the completion context. The issue is that we
already freed the com…
CVE-2026-31500
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btintel: serialize btintel_hw_error() wi
22:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock
btintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET
and Intel exception-info retrieval) without holding
hci_req_sync_lock()…
CVE-2026-31506
In the Linux kernel, the following vulnerability has been resolved:
net: bcmasp: fix double free of WoL irq
We do not
22:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
net: bcmasp: fix double free of WoL irq
We do not need to free wol_irq since it was instantiated with
devm_request_irq(). So devres will free for us.
CVE-2026-31527
In the Linux kernel, the following vulnerability has been resolved:
driver core: platform: use generic driver_override
00:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
driver core: platform: use generic driver_override infrastructure
When a driver is probed through __driver_attach(), the bus' match()
callback is called without the device lock held, thus accessing the
driver_o…
CVE-2026-31530
In the Linux kernel, the following vulnerability has been resolved:
cxl/port: Fix use after free of parent_port in cxl_
00:18 KSA
In the Linux kernel, the following vulnerability has been resolved:
cxl/port: Fix use after free of parent_port in cxl_detach_ep()
cxl_detach_ep() is called during bottom-up removal when all CXL memory
devices beneath a switch port have been removed. For each port in the
hierar…
CVE-2026-31566
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix fence put before wait in amdgpu_amd
04:00 KSA
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib
amdgpu_amdkfd_submit_ib() submits a GPU job and gets a fence
from amdgpu_ib_schedule(). This fence is used to wait for job
completion.
Currently…
CVE-2026-31576
In the Linux kernel, the following vulnerability has been resolved:
media: hackrf: fix to not free memory after the dev
04:00 KSA
In the Linux kernel, the following vulnerability has been resolved:
media: hackrf: fix to not free memory after the device is registered in hackrf_probe()
In hackrf driver, the following race condition occurs:
```
CPU0 CPU1
hackrf_probe()
kzalloc(); // alloc hackrf_dev…
CVE-2026-31578
In the Linux kernel, the following vulnerability has been resolved:
media: as102: fix to not free memory after the devi
04:00 KSA
In the Linux kernel, the following vulnerability has been resolved:
media: as102: fix to not free memory after the device is registered in as102_usb_probe()
In as102_usb driver, the following race condition occurs:
```
CPU0 CPU1
as102_usb_probe()
kzalloc(); // alloc as…
CVE-2026-31580
In the Linux kernel, the following vulnerability has been resolved:
bcache: fix cached_dev.sb_bio use-after-free and cr
04:00 KSA
In the Linux kernel, the following vulnerability has been resolved:
bcache: fix cached_dev.sb_bio use-after-free and crash
In our production environment, we have received multiple crash reports
regarding libceph, which have caught our attention:
```
[6888366.280350] Call Trace…
CVE-2026-31581
In the Linux kernel, the following vulnerability has been resolved:
ALSA: 6fire: fix use-after-free on disconnect
In u
04:00 KSA
In the Linux kernel, the following vulnerability has been resolved:
ALSA: 6fire: fix use-after-free on disconnect
In usb6fire_chip_abort(), the chip struct is allocated as the card's
private data (via snd_card_new with sizeof(struct sfire_chip)). When
snd_card_free_when_closed…
CVE-2026-31582
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (powerz) Fix use-after-free on USB disconnec
04:00 KSA
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (powerz) Fix use-after-free on USB disconnect
After powerz_disconnect() frees the URB and releases the mutex, a
subsequent powerz_read() call can acquire the mutex and call
powerz_read_data(), which dere…
⚠️ Threat Intelligence
40 threats
rss:Recorded Future
—
09:00 KSA
The Money Mule Problem Solution: What Every Scam Has in Common
The article discusses how mule account intelligence is a critical approach to preventing Authorized Push Payment (APP) fraud by identifying and tracking money mule accounts before fraudulent funds ar…
rss:Dark Reading
—
05:00 KSA
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
Former NSA civilian leadership reflects on organizational failures during the Snowden disclosure incident and provides insights on insider threat detection, media management, and security…
rss:Dark Reading
—
03:19 KSA
Feuding Ransomware Groups Leak Each Other's Data
Rival ransomware groups 0APT and KryBit exposed each other's infrastructure and operational data during their conflict, providing cybersecurity defenders with rare visibility into ransomware gang operations a…
rss:Dark Reading
—
02:18 KSA
Vidar Rises to Top of Chaotic Infostealer Market
Vidar infostealer malware has emerged as a dominant threat in the cybercriminal landscape, capitalizing on the market vacuum left by law enforcement operations against competing infostealers Lumma and Rhadamanthys…
rss:SecurityWeek
—
01:16 KSA
Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
Cyber insurance data from Resilience demonstrates the direct financial impact of security gaps, providing CISOs with quantifiable evidence to justify budget increases to boards. This data-driven approach…
rss:The Hacker News
—
01:16 KSA
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
A critical remote code execution vulnerability (CVE-2026-3854, CVSS 8.7) has been discovered in GitHub.com and GitHub Enterprise Server that allows authenticated users to…
rss:BleepingComputer
—
01:16 KSA
Video service Vimeo confirms Anodot breach exposed user data
Vimeo has confirmed that user and customer data was exposed following an unauthorized breach at Anodot, a data anomaly detection company. The incident resulted in unauthorized access to sensitive infor…
rss:SecurityWeek
—
00:08 KSA
Vimeo Confirms User and Customer Data Breach
Vimeo has confirmed a data breach where the ShinyHunters threat group stole user and customer data. The attackers are demanding ransom in exchange for not leaking the stolen files publicly. This incident impacts the c…
rss:The Hacker News
—
00:08 KSA
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A Brazilian cybercrime group has resurfaced after three years with a new malware campaign targeting Minecraft players using LofyStealer (GrabBot). The malware disguises itself as…
rss:CISA Advisories
—
00:08 KSA
NSA GRASSMARLIN
A vulnerability in NSA GRASSMARLIN affecting all versions could allow attackers to disclose sensitive information through improper restriction mechanisms. The vulnerability has a CVSS v3 score of 5.5, indicating a medium-severity risk to organiza…
rss:SecurityWeek
—
21:54 KSA
Robinhood Vulnerability Exploited for Phishing Attacks
Attackers exploited a Robinhood vulnerability to send phishing emails that appear legitimate, directing users to malicious websites. This demonstrates how legitimate platforms can be weaponized for credentia…
rss:SecurityWeek
—
21:54 KSA
Webinar Today: A Step-by-Step Approach to AI Governance
A webinar addressing AI governance frameworks to help organizations transition from uncontrolled AI usage to a structured, scalable governance model. Proper AI governance is critical for managing security r…
rss:SecurityWeek
—
21:54 KSA
The Mythos Moment: Enterprises Must Fight Agents with Agents
Enterprises need AI-driven agentic defense platforms to protect against emerging threats in the agentic era. The article emphasizes that traditional security approaches are insufficient against autonom…
rss:Dark Reading
—
21:54 KSA
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers are escalating a campaign to distribute malicious VS Code extensions through the Open VSX marketplace that appear legitimate but contain self-propagating malware. This supply chain …
rss:BleepingComputer
—
21:54 KSA
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx confirmed that the LAPSUS$ threat group successfully leaked sensitive data stolen from its private GitHub repository. This incident highlights the continued t…
rss:BleepingComputer
—
21:54 KSA
US reportedly charges Scattered Spider hacker arrested in Finland
A 19-year-old dual US-Estonian citizen arrested in Finland faces federal charges for allegedly being a prolific member of the Scattered Spider hacking collective. The arrest represents a significa…
rss:Recorded Future
—
20:48 KSA
Lazarus Doesn't Need AGI
Analysis of the 2026 Claude Mythos breach revealing significant supply chain vulnerabilities and a sophisticated cryptocurrency theft operation exceeding $2 billion. The Lazarus Group demonstrates advanced attack capabilities withou…
rss:The Hacker News
—
20:48 KSA
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
VECT 2.0 ransomware operates as a destructive wiper due to flawed encryption implementation that permanently destroys files larger than 131KB across Windows, Linux, and ESXi syste…
rss:SecurityWeek
—
19:36 KSA
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
Over 70 malicious cloned extensions on the Open VSX marketplace have been identified as sleeper malware designed to distribute GlassWorm malware to developers. This supply chain attack targets softw…
rss:SecurityWeek
—
19:36 KSA
Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable
Sevii has launched a new Cyber Swarm Defense solution to address the unpredictable and escalating costs associated with deploying agentic AI for security operations. This addresses …
rss:SecurityWeek
—
19:36 KSA
Alleged Chinese State Hacker Extradited to US
Xu Zewei, a member of the Chinese state-sponsored APT group Silk Typhoon, has been extradited to the US to face charges for cyberattacks against American universities. This case highlights ongoing threats from Chines…
rss:The Hacker News
—
19:36 KSA
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
The article discusses how organizations often overlook secure data movement as a critical component of Zero Trust security frameworks, leading to program stagnation. Research reveals that m…
rss:BleepingComputer
—
19:36 KSA
Inside an OPSEC Playbook: How Threat Actors Evade Detection
Threat actors are publishing structured OPSEC playbooks that detail evasion techniques including layered infrastructure, identity separation, and long-term detection avoidance strategies. These guides r…
rss:BleepingComputer
—
19:36 KSA
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft will begin blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting July 2026. This deprecation aims to improve security by eliminating outdated encryp…
rss:SecurityWeek
—
18:08 KSA
No Patch for New PhantomRPC Privilege Escalation Technique in Windows
PhantomRPC is a new privilege escalation technique that exploits Windows RPC mechanisms by using a fake RPC server to impersonate legitimate services and elevate privileges to System level. Th…
rss:SecurityWeek
—
18:08 KSA
Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety
Zero Motorcycles and Yadea electric scooters contain vulnerabilities that could be exploited to compromise vehicle security and endanger rider safety. These weaknesses in connected…
rss:The Hacker News
—
18:08 KSA
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
A critical vulnerability (CVE-2026-25874, CVSS 9.3) has been disclosed in Hugging Face's LeRobot open-source robotics platform, affecting a project with nearly 24,000 GitHub stars. T…
rss:Malwarebytes Lab
—
17:00 KSA
Fake CAPTCHA scam turns a quick click into a costly phone bill
Scammers are exploiting fake CAPTCHA verification pages to trick users into sending premium international SMS messages, resulting in unauthorized charges on victims' phone bills. The attackers profit…
rss:SecurityWeek
—
17:00 KSA
Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials
German federal prosecutors are investigating alleged cyberattacks targeting Signal accounts of top government officials, with suspicions pointing to Russian involvement. The investigat…
rss:The Hacker News
—
17:00 KSA
After Mythos: New Playbooks For a Zero-Window Era
The article discusses how AI advancements are rapidly closing the exploit window that organizations traditionally relied upon for patching vulnerabilities. Network Detection and Response (NDR) solutions are prese…
rss:Malwarebytes Lab
—
15:54 KSA
Chinese engineer stole US military and NASA software for years
A Chinese engineer conducted a sophisticated social engineering campaign, creating fake Gmail accounts and impersonating legitimate US researchers to deceive NASA, military institutions, and universi…
rss:The Hacker News
—
15:54 KSA
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
A Chinese national, Xu Zewei, has been extradited to the U.S. from Italy for alleged membership in the Silk Typhoon state-sponsored hacking group. The individual is accused of orches…
rss:BleepingComputer
—
15:54 KSA
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft has identified a bug where newly implemented Windows security warnings fail to display correctly when users open Remote Desktop (.rdp) files. This issue could potentially reduce user awaren…
rss:SecurityWeek
—
14:41 KSA
Spectrum Security Emerges From Stealth Mode With $19 Million
Spectrum Security, a threat detection startup, has secured $19 million in funding to accelerate its engineering and market expansion efforts. The company is emerging from stealth mode to scale its thre…
rss:BleepingComputer
—
14:41 KSA
Microsoft asks iPhone users to reauthenticate after Outlook outage
Microsoft experienced a widespread Outlook.com outage affecting users globally, after which iPhone users were required to re-enter their credentials to restore access to Outlook and Hotmail accou…
rss:The Hacker News
—
13:36 KSA
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft has confirmed active exploitation of CVE-2026-32202, a high-severity spoofing vulnerability in Windows Shell. The vulnerability, with a CVSS score of 4.3, is being actively exploite…
rss:The Hacker News
—
13:36 KSA
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
A privileged administrative role in Microsoft Entra ID designed for AI agents contains a vulnerability that could enable privilege escalation and identity takeover attacks. The Agent ID…
rss:SecurityWeek
—
12:35 KSA
Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
Cybercrime group ShinyHunters claimed responsibility for stealing 9 million records from medical device manufacturer Medtronic, threatening to leak personal information. This data breach impacts a c…
rss:BleepingComputer
—
05:36 KSA
Robinhood account creation flaw abused to send phishing emails
Threat actors exploited a vulnerability in Robinhood's account creation process to inject phishing messages into legitimate platform emails, deceiving users into believing their accounts had suspicio…
rss:BleepingComputer
—
04:14 KSA
GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
GlassWorm malware campaign has deployed 73 malicious extensions in the OpenVSX ecosystem that remain dormant until activated via updates. These sleeper extensions pose a significant s…
📰 Cybersecurity News
2 articles
Saudi Arabia and UAE Sign Historic Cross-Border Data Protection Agreement Under GCC Digital Framewor
03:35 KSA
Saudi Arabia and the UAE have signed a landmark bilateral agreement establishing unified data protection standards for cross-border data flows, marking a significant step toward GCC-wide digital integ…
GCC States Mandate Unified Data Breach
03:35 KSA
This digest is updated automatically every day — Last updated: Tuesday, April 28, 2026
CVE Archive ·
Threats ·
News