Briefs

A remote, authenticated attacker can exploit multiple vulnerabilities in Django to perform SQL injections, disclose confidential information, or cause a denial-of-service condition.

CVE-2026-5261 is an unrestricted file upload vulnerability in Shandong Hoteam InforCenter PLM up to version 8.3.8, allowing remote attackers to execute arbitrary code by uploading malicious files via the uploadFileToIIS function.

Unauthenticated attackers can exploit CVE-2026-3055 (out-of-bounds read) to exfiltrate sensitive data from NetScaler ADC and Gateway, while CVE-2026-4368 (race condition) enables user session hijacking, necessitating immediate patching and enhanced monitoring.

Researchers demonstrated that AI agents built on Google's Vertex AI can be compromised to exfiltrate data, create backdoors, and compromise infrastructure by abusing excessive permissions of the Per-Project, Per-Product Service Agent (P4SA).

A path traversal vulnerability (CVE-2026-5258) exists in Sanster IOPaint 1.5.3, allowing remote attackers to read arbitrary files by manipulating the filename argument in the _get_file function within the File Manager component.

An application installer vulnerable to CVE-2026-3780 runs with elevated privileges but resolves system executables and DLLs using an untrusted search path, enabling local privilege escalation by allowing a local attacker to inject malicious binaries.

CVE-2026-3779 is a use-after-free vulnerability in a Foxit application where stale references to page/form objects can lead to arbitrary code execution via crafted documents.

XenForo before 2.3.9 and 2.2.18 allows remote code execution by authenticated, malicious admin users with admin panel access.

XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes, potentially allowing client applications to gain access beyond their intended authorization level due to improper authorization checks.

XenForo before 2.3.7 discloses filesystem paths through exception messages triggered by open_basedir restrictions, allowing attackers to gain sensitive information about the server's directory structure.

XenForo before 2.3.7 is vulnerable to code injection due to a loose prefix match for methods accessible within templates, potentially allowing unauthorized method invocations.

SiYuan Note versions prior to the fix for commit f09953afc57a are vulnerable to reflected cross-site scripting (XSS) via a namespace prefix bypass in the SanitizeSVG function when handling dynamic icons, allowing unauthenticated attackers to execute arbitrary JavaScript in a victim's browser.

itsourcecode Payroll Management System 1.0 is vulnerable to SQL injection via the ID parameter in /view_employee.php, allowing remote attackers to execute arbitrary SQL commands.

A vulnerability in OpenClaw Gateway allows a write-scoped gateway caller to rotate a target session, archive the prior transcript state, and force a new session id without admin scope via the `chat.send` path by reusing command authorization to trigger `/reset` session rotation.

File Browser version 2.62.1 and earlier is vulnerable to stored cross-site scripting (XSS) via crafted EPUB files, allowing attackers to execute arbitrary JavaScript in a victim's browser by exploiting the application's misconfigured iframe sandbox and stealing sensitive information like JWT tokens.

A SQL injection vulnerability (CVE-2026-5237) exists in itsourcecode Payroll Management System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the ID parameter in the /manage_user.php file.

SiYuan versions prior to 3.6.2 are vulnerable to remote code execution (RCE) via a malicious website exploiting a permissive CORS policy to inject a JavaScript snippet, leading to arbitrary code execution within the application's Node.js context.

Vulnerabilities in Vim (<=9.2.0271) and GNU Emacs allow remote code execution by opening a specially crafted file, leveraging flaws in modeline handling and Git integration, respectively.

The widely used Axios npm package was compromised via a supply chain attack on March 31, 2026, resulting in the publication of malicious versions through a compromised maintainer account.

CVE-2026-4800 allows attackers to inject arbitrary code at template compilation time via untrusted input passed as key names in the options.imports object of the _.template function in lodash versions prior to 4.18.0, potentially leading to remote code execution.

SourceCodester Leave Application System 1.0 is vulnerable to remote file inclusion (CVE-2026-5210) due to improper handling of the 'page' argument, potentially allowing attackers to execute arbitrary code.

CVE-2026-5190 is an out-of-bounds write vulnerability in the aws-c-event-stream library before version 0.6.0 that allows a malicious third-party server to cause memory corruption and potential arbitrary code execution on client applications.

SciTokens C++ library before 1.4.1 is vulnerable to an authorization bypass (CVE-2026-32725) due to improper path normalization, allowing attackers to escalate privileges by using parent-directory traversal in scope claims.

UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 is vulnerable to arbitrary file overwrite (CVE-2026-30282) via the file import process, allowing attackers to overwrite critical internal files and potentially achieve arbitrary code execution or information exposure.

An attacker exploits CVE-2026-20929 by manipulating DNS responses to redirect Kerberos authentication to attacker-controlled AD CS, enabling certificate enrollment for persistent access.

NVIDIA BioNeMo is vulnerable to deserialization of untrusted data (CVE-2026-24164), potentially leading to code execution, denial of service, information disclosure, and data tampering.

CVE-2026-24154 is a vulnerability in NVIDIA Jetson Linux where an unprivileged attacker with physical access can inject incorrect command line arguments into initrd, potentially leading to code execution, privilege escalation, denial of service, data tampering, and information disclosure.

CVE-2026-24148 is a vulnerability in NVIDIA Jetson for JetPack's system initialization logic, where an unprivileged attacker can cause the initialization of a resource with an insecure default, potentially leading to information disclosure, data tampering, and denial of service.

A stack-based buffer overflow vulnerability (CVE-2026-5204) exists in the Tenda CH22 1.0.0.1 router, allowing remote attackers to execute arbitrary code by manipulating the webSiteId argument in the formWebTypeLibrary function.

A vulnerability exists in mppx TypeScript interface before version 0.4.11, allowing attackers to close or grief channels for free by submitting close vouchers equal to the settled amount due to incorrect validation.