Fri, Mar 06 · 07:16 PM CSTCVE-2026-29063
9.8/10 · Must read/watchNVDvuln
Summary
Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable via the mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject() APIs. This issue has been patched in versions 3.8.3, 4.3.7, and 5.1.5.
CVECVE-2026-29063
SeverityCRITICAL
TypeUPDATED
PublishedFri, Mar 06 · 07:16 PM CST
ModifiedFri, Apr 17 · 09:32 PM CDT
CVE-2025-54236
9.1/10 · Must read/watchNVDvuln
Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe
CVECVE-2025-54236
SeverityCRITICAL
TypeUPDATED
PublishedTue, Sep 09 · 02:15 PM CDT
ModifiedTue, Apr 14 · 07:00 PM CDT
CVE-2025-15602
8.8/10 · Worth your timeNVDvuln
Summary
Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently protected against mass assignment. An authenticated, low-privileged user can craft a malicious API request to modify restricted fields of another user account, including the Super Admin account. By c
CVECVE-2025-15602
SeverityHIGH
TypeUPDATED
PublishedFri, Mar 06 · 05:16 PM CST
ModifiedFri, Apr 17 · 09:30 PM CDT
CVE-2026-23395
8.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending (FLAG_DEFER_SETUP) which can cause more than L2C
CVECVE-2026-23395
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-33506
8.8/10 · Worth your timeNVDvuln
Summary
Ory Polis, formerly known as BoxyHQ Jackson, bridges or proxies a SAML login flow to OAuth 2.0 or OpenID Connect. Versions prior to 26.2.0 contain a DOM-based Cross-Site Scripting (XSS) vulnerability in Ory Polis's login functionality. The application improperly trusts a URL parameter (`callbackUrl`), which is passed t
CVECVE-2026-33506
SeverityHIGH
TypeUPDATED
PublishedThu, Mar 26 · 07:17 PM CDT
ModifiedFri, Apr 17 · 07:45 PM CDT
CVE-2026-3854
8.8/10 · Worth your timeNVDvuln
Summary
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly sanitized before being inclu
CVECVE-2026-3854
SeverityHIGH
TypeUPDATED
PublishedTue, Mar 10 · 06:19 PM CDT
ModifiedFri, Apr 17 · 06:16 PM CDT
CVE-2026-31788
8.2/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will deny any hypercalls affect
CVECVE-2026-31788
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2025-27363
8.1/10 · Worth your timeNVDvuln
Summary
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing
CVECVE-2025-27363
SeverityHIGH
TypeUPDATED
PublishedTue, Mar 11 · 02:15 PM CDT
ModifiedFri, Apr 17 · 01:36 PM CDT
CVE-2024-36898
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to contain edge events is overl
CVECVE-2024-36898
SeverityHIGH
TypeUPDATED
PublishedThu, May 30 · 04:15 PM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2025-21739
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devm_blk_crypto_profile_init() registers a cleanup handler to run when the associated (platform-) device is being released. For UFS, the crypto private data and pointers are stored as p
CVECVE-2025-21739
SeverityHIGH
TypeUPDATED
PublishedThu, Feb 27 · 03:15 AM CST
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2025-37778
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krb_authenticate krb_authenticate frees sess->user and does not set the pointer to NULL. It calls ksmbd_krb5_authenticate to reinitialise sess->user but that function may return without doing so. If that happens then smb2
CVECVE-2025-37778
SeverityHIGH
TypeUPDATED
PublishedThu, May 01 · 02:15 PM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23227
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which easily causes concurrency problem. For examp
CVECVE-2026-23227
SeverityHIGH
TypeUPDATED
PublishedWed, Feb 18 · 04:22 PM CST
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23245
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list. Convert the parameters to an RCU-protected snapshot and swap updates under tcf_lock, free
CVECVE-2026-23245
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 18 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23253
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvb_dvr_open() calls dvb_ringbuffer_init() when a new reader opens the DVR device. dvb_ringbuffer_init() calls init_waitqueue_head(), which reinitializes the waitqueue list head to emp
CVECVE-2026-23253
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 18 · 06:16 PM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23268
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened fd to a privileged pro
CVECVE-2026-23268
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 18 · 06:16 PM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23270
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held by the defragmentation engine. As reported b
CVECVE-2026-23270
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 18 · 06:16 PM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23274
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revision 1 with XT_IDLETIMER_ALARM, the object use
CVECVE-2026-23274
SeverityHIGH
TypeUPDATED
PublishedFri, Mar 20 · 09:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23336
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() There is a use-after-free error in cfg80211_shutdown_all_interfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211_shutdown_all_interfaces+0x213/0x220 Read of size 8 at addr fff
CVECVE-2026-23336
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23340
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush qdiscs for queues which will no longer be used. qdisc_reset
CVECVE-2026-23340
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23351
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible context, triggering
CVECVE-2026-23351
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23372
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: nfc: rawsock: cancel tx_work before socket teardown In rawsock_release(), cancel any pending tx_work and purge the write queue before orphaning the socket. rawsock_tx_work runs on the system workqueue and calls nfc_data_exchange which dereferences the
CVECVE-2026-23372
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-23391
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy, nfnetlink_cttimeout might
CVECVE-2026-23391
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 11:16 AM CDT
ModifiedSat, Apr 18 · 09:16 AM CDT
CVE-2026-28518
7.8/10 · Worth your timeNVDvuln
Summary
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or drive prefixes in member
CVECVE-2026-28518
SeverityHIGH
TypeUPDATED
PublishedTue, Mar 03 · 03:16 PM CST
ModifiedFri, Apr 17 · 09:19 PM CDT
CVE-2026-4775
7.8/10 · Worth your timeNVDvuln
Summary
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a deni
CVECVE-2026-4775
SeverityHIGH
TypeUPDATED
PublishedTue, Mar 24 · 03:16 PM CDT
ModifiedFri, Apr 17 · 05:17 PM CDT
CVE-2023-52356
7.5/10 · Worth your timeNVDvuln
Summary
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
CVECVE-2023-52356
SeverityHIGH
TypeUPDATED
PublishedThu, Jan 25 · 08:15 PM CST
ModifiedFri, Apr 17 · 02:16 PM CDT
