Aggregator

CVE-2026-2523 | Open5GS up to 2.7.6 SMF /src/smf/gn-handler.c smf_gn_handle_create_pdp_context_request assertion (Issue 4285)

VulDB Recent Entries
1 day 12 hours ago
A vulnerability, which was classified as problematic, was found in Open5GS up to 2.7.6. The affected element is the function smf_gn_handle_create_pdp_context_request of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. This vulnerability is known as CVE-2026-2523. It is possible to launch the attack remotely. Furthermore, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

CVE-2026-2522 | Open5GS up to 2.7.6 MME /src/mme/esm-build.c memory corruption (Issue 4283)

VulDB Recent Entries
1 day 12 hours ago
A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2026-2522. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

CVE-2026-2521 | Open5GS up to 2.7.6 SGW-C sgwc_s5c_handle_create_session_response memory corruption (Issue 4282)

VulDB Recent Entries
1 day 12 hours ago
A vulnerability classified as critical was found in Open5GS up to 2.7.6. This issue affects the function sgwc_s5c_handle_create_session_response of the component SGW-C. Executing a manipulation can lead to memory corruption. This vulnerability appears as CVE-2026-2521. The attack may be performed from remote. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

CVE-2026-1490 | CleanTalk Spam protection, Anti-Spam, FireWall Plugin up to 6.71 on WordPress Plugin Installation checkWithoutToken authorization

Vuldb Updates
1 day 14 hours ago
A vulnerability identified as problematic has been detected in CleanTalk Spam protection, Anti-Spam, FireWall Plugin up to 6.71 on WordPress. Affected is the function checkWithoutToken of the component Plugin Installation Handler. The manipulation leads to authorization bypass. This vulnerability is listed as CVE-2026-1490. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2026-1750 | Ecwid by Lightspeed Ecommerce Shopping Cart Plugin save_custom_user_profile_fields privileges management

Vuldb Updates
1 day 14 hours ago
A vulnerability labeled as critical has been found in Ecwid by Lightspeed Ecommerce Shopping Cart Plugin up to 7.0.7 on WordPress. Affected by this vulnerability is the function save_custom_user_profile_fields. The manipulation of the argument ec_store_admin_access results in improper privilege management. This vulnerability is cataloged as CVE-2026-1750. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2026-1793 | Element Pack Addons for Elementor Plugin up to 8.3.17 on WordPress SVG Widget render_svg path traversal

Vuldb Updates
1 day 14 hours ago
A vulnerability marked as critical has been reported in Element Pack Addons for Elementor Plugin up to 8.3.17 on WordPress. Affected by this issue is the function render_svg of the component SVG Widget. This manipulation causes path traversal. This vulnerability is registered as CVE-2026-1793. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

CVE-2025-40327 | Linux Kernel up to 6.17.7 __perf_event_overflow recursion (Nessus ID 298897)

Vuldb Updates
1 day 14 hours ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.17.7. Impacted is the function __perf_event_overflow. The manipulation leads to uncontrolled recursion. This vulnerability is traded as CVE-2025-40327. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-40332 | Linux Kernel up to 6.12.57/6.17.7 amdkfd svm_range_restore_pages denial of service (EUVD-2025-201870 / Nessus ID 298897)

Vuldb Updates
1 day 14 hours ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.57/6.17.7. Affected by this vulnerability is the function svm_range_restore_pages of the component amdkfd. Performing a manipulation results in denial of service. This vulnerability is reported as CVE-2025-40332. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-2025-40329 | Linux Kernel up to 6.6.116/6.12.57/6.17.7 sched local_irq_disable deadlock (Nessus ID 298897)

Vuldb Updates
1 day 14 hours ago
A vulnerability was found in Linux Kernel up to 6.6.116/6.12.57/6.17.7. It has been declared as critical. Affected by this vulnerability is the function local_irq_disable of the component sched. Such manipulation leads to deadlock. This vulnerability is listed as CVE-2025-40329. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-40314 | Linux Kernel up to 5.15.196/6.1.158/6.6.116/6.12.57/6.17.7 cdns3 __cdnsp_gadget_init initialization (EUVD-2025-201631 / Nessus ID 298897)

Vuldb Updates
1 day 14 hours ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 5.15.196/6.1.158/6.6.116/6.12.57/6.17.7. Affected by this issue is the function __cdnsp_gadget_init of the component cdns3. Executing a manipulation can lead to improper initialization. This vulnerability is registered as CVE-2025-40314. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

Managed ad