Aggregator

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. This impacts the function digital_in_recv_sdd_res of the component NFC. Executing a manipulation can lead to heap-based buffer overflow. This vulnerability appears as CVE-2026-31622. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been classified as critical. Impacted is the function efr_status_names of the component ALSA. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2026-31619. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.18.23/6.19.13/7.0.0. This affects the function usb_ifnum_to_if of the component USB Handler. Such manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2026-31620. Access to the local network is required for this attack to succeed. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been rated as critical. This impacts the function FBIOPUT_VSCREENINFO of the component Udlfb Driver. This manipulation causes divide by zero. This vulnerability is handled as CVE-2026-31618. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.

三星相册将很快停止直接与OneDrive同步早在去年九月，媒体在泄露的One UI 8.5版本中发现了代码，表明三星相册将终止对微软 OneDrive 的支持。近日，一位Reddit用户发现，微软最近

A vulnerability, which was classified as problematic, was found in SourceCodester Hospital Patient Records Management System 1.0. This issue affects some unknown processing. Such manipulation of the argument Description leads to cross site scripting. This vulnerability is referenced as CVE-2022-22852. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as problematic, has been found in SourceCodester Hospital Patient Records Management System 1.0. This vulnerability affects unknown code. This manipulation of the argument Description causes cross site scripting. The identification of this vulnerability is CVE-2022-22850. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as problematic has been discovered in SourceCodester Hospital Patient Records Management System 1.0. This issue affects some unknown processing of the file doctors.php. Executing a manipulation of the argument specialization can lead to cross site scripting. This vulnerability appears as CVE-2022-22851. The attack may be performed from remote. In addition, an exploit is available.

I’m doing Open Source primarily because I love it. The social aspects, the for-the-good angle an

Сервис для управления идентификацией и доступом, созданный с фокусом на кибербезопасность, удобство пользователей и выгоду для бизнеса.

Submit #815067 / VDB-191669

A vulnerability was found in CodeAstro Leave Management System 1.0. It has been declared as critical. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulation of the argument email_id can lead to sql injection. This vulnerability is tracked as CVE-2026-9542. The attack can be launched remotely. Moreover, an exploit is present.

Submit #814936 / VDB-285939

A vulnerability was found in Squirrel up to 3.2. It has been classified as critical. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. This vulnerability is identified as CVE-2026-9541. The attack is only possible with local access. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet.

Submit #814925 / VDB-360865

Submit #814866 / VDB-365603

Submit #814826 / VDB-365602

A vulnerability was found in vllm-project vllm 0.19.0 and classified as problematic. This issue affects some unknown processing of the component OpenAI-compatible Serving Path. Such manipulation leads to denial of service. This vulnerability is referenced as CVE-2026-9540. It is possible to launch the attack remotely. Furthermore, an exploit is available. The pull request to fix this issue awaits acceptance.

Submit #814645 / VDB-365601

换个角度，关注企业出海安全~