March 2026 (30)
baserCMS Pre-Auth Arbitrary Code Execution via Zip Upload (CVE-2025-32957)
2 rules, 6 TTPs, 1 CVE
baserCMS versions prior to 5.2.3 are vulnerable to arbitrary code execution via a crafted zip file uploaded through the restore function, leading to unauthenticated remote command execution on the web server.
Tenda CH22 Router Stack-Based Buffer Overflow Vulnerability
2 rules, 1 TTP, 1 CVE
A stack-based buffer overflow vulnerability exists in Tenda CH22 1.0.0.1 via manipulation of the `mit_linktype` argument in the `/goform/QuickIndex` endpoint, potentially enabling remote code execution.
Tenda CH22 Stack-Based Buffer Overflow Vulnerability
2 rules, 2 TTPs, 1 CVE
A stack-based buffer overflow vulnerability exists in Tenda CH22 1.0.0.1 (the listing names a second affected version whose string is unreadable), allowing remote attackers to execute arbitrary code by manipulating the `funcname` argument in the `/goform/setcfm` endpoint.
Contact Form by Supsystic WordPress Plugin SSTI Vulnerability (CVE-2026-4257)
2 rules, 1 TTP, 1 CVE
The Contact Form by Supsystic WordPress plugin is vulnerable to Server-Side Template Injection (SSTI) via the `cfsPreFill` parameter, leading to unauthenticated Remote Code Execution (RCE).
FreeRDP Heap-Buffer-Overflow Vulnerability (CVE-2026-33982)
2 rules, 3 TTPs, 1 CVE
A heap-buffer-overflow read vulnerability exists in FreeRDP versions prior to 3.24.2, specifically in the `winpr_aligned_offset_recalloc()` function, potentially leading to denial of service or information disclosure.
Botan SM2 Decryption Heap Over-read Vulnerability (CVE-2026-32877)
2 rules, 1 TTP, 1 CVE
Botan C++ cryptography library versions from 2.3.0 up to, but not including, 3.11.0 are vulnerable to a heap over-read during SM2 decryption due to insufficient validation of the authentication code length, potentially leading to crashes or undefined behavior.
SQL Injection Vulnerability in code-projects Accounting System 1.0 (CVE-2026-5150)
2 rules, 1 TTP
A remote SQL injection vulnerability (CVE-2026-5150) exists in code-projects Accounting System 1.0 via manipulation of the `cos_id` argument in `/viewin_costumer.php`, potentially allowing attackers to execute arbitrary SQL commands.
Symantec DLP Windows Endpoint Elevation of Privilege Vulnerability (CVE-2026-3991)
2 rules, 1 TTP
CVE-2026-3991 is an elevation of privilege vulnerability in Symantec Data Loss Prevention (DLP) Windows Endpoint that could allow a local attacker to gain elevated access to resources.
YunaiV yudao-cloud SQL Injection Vulnerability (CVE-2026-5147)
2 rules, 1 TTP
A remote SQL injection vulnerability (CVE-2026-5147) exists in YunaiV yudao-cloud up to version 2026.01 via the Website argument in the `/admin-api/system/tenant/get-by-website` endpoint, allowing unauthenticated attackers to potentially execute arbitrary SQL queries.
Vim Code Execution Vulnerability via Crafted Files (CVE-2026-34714)
2 rules, 2 TTPs
Vim versions before 9.2.0272 allow code execution when a specially crafted file is opened. The 'tabpanel' option lacked the P_MLE flag (the flag that places expression-evaluating options under the control of 'modelineexpr'), so in the default configuration a modeline in the file could set 'tabpanel' to a value containing a `%{expr}` item, and Vim evaluated that expression, potentially leading to arbitrary code execution.
Compromised Telnyx PyPI Package Distributes Credential-Stealing Malware
2 rules, 7 TTPs, 7 IOCs
A threat actor compromised the PyPI package `telnyx`, uploading malicious versions 4.87.1 and 4.87.2 containing credential-stealing malware that exfiltrates data to a C2 server.
GNU C Library iconv() Function Assertion Failure (CVE-2026-4046)
2 rules, 1 TTP
A vulnerability in the `iconv()` function of the GNU C Library (versions 2.43 and earlier) can cause a crash due to an assertion failure when handling the IBM1390 or IBM1399 character sets, potentially leading to remote application denial of service.
Parse Server LiveQuery Protected Field Leak via Shared Mutable State
3 rules
Parse Server versions before 8.6.65 and between 9.0.0 and 9.7.0-alpha.9 are vulnerable to a data leak where protected fields and authentication data can be exposed to unauthorized clients, because mutable objects are shared across concurrent LiveQuery subscribers.
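The bug class behind this entry, shown as an added example: a constructed model of fan-out to several subscribers, not Parse Server's own code. The datastore row, the auth store, the subscriber list and the field names below are all assumptions made for the illustration; the point is the aliasing, not the specific fields.

```javascript
// Added example (not Parse Server code): one object read from the datastore is
// shaped per subscriber and queued for delivery. Every value here is constructed.
const PROTECTED_FIELDS = ['email', 'authData'];

// Hypothetical auth store consulted only for the object's owner.
const AUTH_STORE = { u1: { github: { id: '42' } } };

// Constructed datastore row; `email` is a protected field.
function makeObject() {
  return { objectId: 'u1', username: 'alice', email: 'alice@example.com' };
}

// Two concurrent subscribers to the same query; bob must never see protected fields.
const SUBSCRIBERS = [
  { clientId: 'bob', isOwner: false },
  { clientId: 'alice', isOwner: true },
];

// Per-subscriber shaping. It mutates whatever object it is handed.
function shapeForSubscriber(view, sub) {
  if (sub.isOwner) {
    view.authData = AUTH_STORE[view.objectId];      // owner-only enrichment
  } else {
    for (const f of PROTECTED_FIELDS) delete view[f]; // strip for everyone else
  }
  return view;
}

// Vulnerable: every subscriber shapes the SAME object, so work done for a later
// subscriber shows up in the payload already queued for an earlier one, and
// fields stripped for one subscriber vanish from the owner's payload too.
function deliverShared(object, subscribers) {
  const queued = {};
  for (const sub of subscribers) {
    queued[sub.clientId] = shapeForSubscriber(object, sub); // alias, not a copy
  }
  return queued;
}

// Fixed: each subscriber gets its own deep copy before shaping.
function deliverIsolated(object, subscribers) {
  const queued = {};
  for (const sub of subscribers) {
    queued[sub.clientId] = shapeForSubscriber(structuredClone(object), sub);
  }
  return queued;
}
```

With the shared version, bob's queued payload ends up carrying `authData` (added afterwards for alice) while alice's payload has lost `email`; with a deep copy per subscriber, each payload contains exactly what that subscriber is allowed to see. The copy has to happen before the first mutation, not after the fan-out loop.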
TinaCMS GraphQL Path Traversal Vulnerability
2 rules, 2 TTPs
A path traversal vulnerability in `@tinacms/graphql` allows unauthenticated users to write and overwrite arbitrary files within the project root by manipulating the `relativePath` parameter in GraphQL mutations, leading to potential arbitrary code execution.
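The check a file-writing mutation needs for a caller-supplied relative path, as an added example that is not `@tinacms/graphql` code. The project root and the sample paths are constructed; the naive version shows why a string-prefix test on an unnormalised path is not a check at all.

```javascript
// Added example (not TinaCMS code). PROJECT_ROOT is a constructed value.
const PROJECT_ROOT = '/srv/site';

// Vulnerable: concatenate, then compare as strings. The prefix test passes for
// "../" sequences because nothing has normalised the path yet; the filesystem
// resolves the dots later and the write lands outside the root.
function targetPathNaive(relativePath) {
  const full = PROJECT_ROOT + '/' + relativePath;
  return full.startsWith(PROJECT_ROOT) ? full : null;
}

// Hardened: allow-list the characters, walk the segments ourselves and refuse
// anything that climbs ("..") or starts at the filesystem root ("/").
function targetPathSafe(relativePath) {
  if (typeof relativePath !== 'string' || relativePath.length === 0) return null;
  // No NUL, backslash, percent-encoding, whitespace or other surprises.
  if (!/^[A-Za-z0-9._\-\/]+$/.test(relativePath)) return null;
  if (relativePath.startsWith('/')) return null;
  const parts = [];
  for (const seg of relativePath.split('/')) {
    if (seg === '' || seg === '.') continue; // collapse "//" and "./"
    if (seg === '..') return null;           // any climb is rejected outright
    parts.push(seg);
  }
  if (parts.length === 0) return null;
  return PROJECT_ROOT + '/' + parts.join('/');
}
```

Rejecting `%` up front means a later URL-decode cannot bring `..` back; rejecting `..` entirely (rather than resolving it) keeps the rule easy to audit. Symlinks inside the project root are a separate problem: resolve the final path with `fs.realpath` and repeat the prefix test before writing.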
Glances XML-RPC Server Cross-Origin Information Disclosure
2 rules, 3 TTPs, 1 IOC
The Glances XML-RPC server exposes sensitive system information because it combines a permissive CORS policy with no validation of the request Content-Type. A malicious web page in a victim's browser can therefore send cross-origin XML-RPC calls to the server and read the responses, stealing data such as hostnames, OS details, IP addresses, and process lists.
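How the two weaknesses combine, and what the server-side gate should look like instead, as an added example that is not Glances code. The request objects, the trusted-origin list and the handler shape are constructed for the illustration.

```javascript
// Added example (not Glances code): a request gate in front of an XML-RPC
// endpoint, in the permissive form the advisory describes and in a hardened form.
// The requests below are constructed objects, not captured traffic.
const XMLRPC_CONTENT_TYPE = 'text/xml';
const TRUSTED_ORIGINS = new Set(['https://dashboard.example.internal']); // assumption

// Permissive: wildcard CORS and any Content-Type accepted. A page on any origin
// can POST XML-RPC with Content-Type text/plain, which browsers send as a
// "simple" request (no preflight), and the wildcard lets that page read the reply.
function gatePermissive(_req) {
  return { status: 200, headers: { 'Access-Control-Allow-Origin': '*' } };
}

// Hardened: require the XML-RPC media type (not a simple-request type, so a
// cross-origin browser must preflight first) and answer preflights, and set
// CORS headers, only for an explicit origin allow-list.
function gateHardened(req) {
  const origin = req.headers['origin'];
  const trusted = origin !== undefined && TRUSTED_ORIGINS.has(origin);
  if (req.method === 'OPTIONS') {                      // CORS preflight
    if (!trusted) return { status: 403, headers: {} };
    return {
      status: 204,
      headers: {
        'Access-Control-Allow-Origin': origin,
        'Access-Control-Allow-Methods': 'POST',
        'Access-Control-Allow-Headers': 'Content-Type',
        'Vary': 'Origin',
      },
    };
  }
  if (origin !== undefined && !trusted) return { status: 403, headers: {} };
  const ct = String(req.headers['content-type'] || '').split(';')[0].trim().toLowerCase();
  if (req.method !== 'POST' || ct !== XMLRPC_CONTENT_TYPE) return { status: 415, headers: {} };
  return {
    status: 200,
    headers: trusted ? { 'Access-Control-Allow-Origin': origin, 'Vary': 'Origin' } : {},
  };
}

// Constructed requests.
const REQ_CROSS_SITE_SIMPLE = { method: 'POST', headers: { origin: 'https://attacker.example', 'content-type': 'text/plain' } };
const REQ_CROSS_SITE_PREFLIGHT = { method: 'OPTIONS', headers: { origin: 'https://attacker.example', 'access-control-request-method': 'POST' } };
const REQ_TRUSTED_CALL = { method: 'POST', headers: { origin: 'https://dashboard.example.internal', 'content-type': 'text/xml; charset=utf-8' } };
const REQ_LOCAL_TOOL = { method: 'POST', headers: { 'content-type': 'text/xml' } }; // no Origin: not a browser
```

CORS only constrains browsers, so the Content-Type check is what stops the simple-request path; a non-browser client on the same network is unaffected by either header and still needs authentication on the endpoint.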
Gotenberg Chromium Deny-List Bypass via Case-Insensitive URL Scheme
2 rules, 1 TTP
Gotenberg versions before 8.29.0 are vulnerable to unauthenticated arbitrary file read. The Chromium deny-list matches URL schemes case-sensitively, so a mixed-case or uppercase scheme such as `FILE:///etc/passwd` bypasses it and lets an attacker read sensitive files such as `/etc/passwd` from the Gotenberg container. This also bypasses the fix for CVE-2024-21527.
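The deny-list mistake and its normalised form, as an added example that is not Gotenberg code. The deny-list contents and the allow-list are constructed; the parsing relies only on the standard WHATWG `URL` class, which lowercases the scheme the same way a browser does.

```javascript
// Added example (not Gotenberg code): a scheme deny-list in the form a case
// variant bypasses, then in a normalised form, then as an allow-list.
const DENIED_SCHEMES = ['file'];

// Vulnerable: case-sensitive match on the raw string. "FILE:///etc/passwd"
// slips through, and the browser treats schemes case-insensitively, so the
// local file is still loaded.
function isDeniedNaive(rawUrl) {
  return DENIED_SCHEMES.some((s) => rawUrl.startsWith(s + ':'));
}

// Hardened deny-list: parse with the WHATWG URL parser (what browsers use),
// which lowercases the scheme and strips leading/trailing whitespace, and
// compare the parsed scheme. Anything unparsable is refused rather than passed on.
function isDeniedNormalized(rawUrl) {
  let u;
  try { u = new URL(rawUrl); } catch { return true; }
  return DENIED_SCHEMES.includes(u.protocol.slice(0, -1)); // 'FILE:' -> 'file'
}

// Better still for a converter that only fetches web content: allow-list the
// schemes it needs, so unknown or unusual schemes are never reachable.
const ALLOWED_SCHEMES = ['http', 'https'];
function isAllowedStrict(rawUrl) {
  let u;
  try { u = new URL(rawUrl); } catch { return false; }
  return ALLOWED_SCHEMES.includes(u.protocol.slice(0, -1));
}
```

The general rule: compare against the deny-list after the same normalisation the consumer (here, Chromium) will apply, never against the raw input; and prefer an allow-list where the set of legitimate schemes is small.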
libp2p-gossipsub Remote Denial of Service via Integer Overflow
2 rules, 1 TTP
A remote, unauthenticated attacker can crash applications using libp2p-gossipsub versions prior to 0.49.4 by sending a crafted PRUNE control message with a near-maximum backoff value, causing an arithmetic overflow during heartbeat processing.
Multiple Vulnerabilities in Wazuh Leading to Code Execution and Data Manipulation
2 rules, 6 TTPs
Multiple vulnerabilities in Wazuh allow an attacker to perform denial-of-service attacks, execute arbitrary code, manipulate data, and disclose sensitive information, potentially leading to significant data breaches and system compromise.
Red Hat Undertow Multiple Vulnerabilities Allow Security Bypass
2 rules, 3 TTPs
An anonymous remote attacker can exploit multiple vulnerabilities in Red Hat Undertow to bypass security measures, manipulate data, and disclose sensitive information.
Multiple Vulnerabilities in Fleet
2 rules, 8 TTPs
Multiple vulnerabilities in Fleet allow an attacker to perform SQL injection, cause a denial of service, bypass security measures, disclose information, and execute arbitrary program code with administrator privileges.
Multiple Vulnerabilities in Grafana
2 rules, 4 TTPs
Multiple vulnerabilities in Grafana allow a remote attacker to conduct a denial-of-service attack, execute code, or disclose information.
Potential Abuse of msDS-ManagedAccountPrecededByLink for Privilege Escalation
2 rules, 4 TTPs
Detection of PowerShell scripts that modify the msDS-ManagedAccountPrecededByLink attribute, potentially indicating exploitation of the BadSuccessor privilege escalation vulnerability in Windows Server 2025, which abuses delegated Managed Service Account (dMSA) migration.
Langflow Vulnerability Allows File Manipulation
2 rules, 1 TTP
An authenticated, remote attacker can exploit a vulnerability in Langflow to manipulate files, potentially leading to unauthorized data modification or application compromise.
ArthurFiorette steam-trader 2.1.1 Sensitive Information Exposure
2 rules, 3 TTPs
CVE-2026-5128 exposes sensitive Steam account data via the `/users` API endpoint and in logs in ArthurFiorette steam-trader 2.1.1, allowing account takeover.
OpenBao Multiple Vulnerabilities Allow Security Bypass and XSS
2 rules, 4 TTPs
An anonymous, remote attacker can exploit multiple vulnerabilities in OpenBao to bypass security measures or conduct cross-site scripting attacks.
Multiple Vulnerabilities in Dovecot Mail Server
2 rules, 2 TTPs
Multiple vulnerabilities in Dovecot can be exploited by an attacker to perform SQL injection attacks, bypass authentication, disclose sensitive information, or cause a denial-of-service condition.
Internet Systems Consortium BIND Vulnerabilities Leading to Denial of Service
2 rules, 1 TTP
Multiple vulnerabilities in Internet Systems Consortium BIND can be exploited by a remote attacker to conduct a denial-of-service attack or bypass security measures.
Multiple Vulnerabilities in NGINX and NGINX Plus
2 rules, 1 TTP
Multiple vulnerabilities in NGINX and NGINX Plus can be exploited by an attacker to cause a denial of service, manipulate data, bypass security measures, and potentially execute arbitrary program code.
Multiple Vulnerabilities in F5 BIG-IP and F5OS
2 rules, 5 TTPs
Multiple vulnerabilities in F5 BIG-IP and F5OS allow an attacker to bypass security mechanisms, escalate privileges, cause a denial-of-service condition, perform a cross-site scripting attack, and disclose or manipulate information.
Gigabyte Control Center Arbitrary File Write Vulnerability
2 rules, 2 TTPs
Gigabyte Control Center has an arbitrary file write vulnerability (CVE-2026-4415) that allows unauthenticated remote attackers to write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.