Sat, Mar 28 · 07:16 PM CDTCVE-2026-3256
9.8/10 · Must read/watchNVDvuln
Summary
HTTP::Session versions before 0.54 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the PID. The PID will come from a small set of nu
CVECVE-2026-3256
SeverityCRITICAL
TypeUPDATED
PublishedSat, Mar 28 · 07:16 PM CDT
ModifiedMon, Jun 29 · 07:16 AM CDT
Wed, Jun 24 · 05:17 PM CDTCVE-2026-52955
9.8/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crush_decode() A message of type CEPH_MSG_OSD_MAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an out-of-bounds acc
CVECVE-2026-52955
SeverityCRITICAL
TypeUPDATED
PublishedWed, Jun 24 · 05:17 PM CDT
ModifiedMon, Jun 29 · 06:16 AM CDT
Tue, May 19 · 03:16 PM CDTCVE-2026-2587
9.6/10 · Must read/watchNVDvuln
Summary
A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language (EL) “expressions” are processed without proper san
CVECVE-2026-2587
SeverityCRITICAL
TypeUPDATED
PublishedTue, May 19 · 03:16 PM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Thu, Jun 25 · 09:16 AM CDTCVE-2026-53131
9.4/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using eth_hdr() `ip6t_eui64`, `xt_mac`, the `bitmap:ip,mac`, `hash:ip,mac`, and `hash:mac` ipset types, and `nf_log_syslog` access `eth_hdr(skb)` after either assuming that the skb is associated with an Eth
CVECVE-2026-53131
SeverityCRITICAL
TypeUPDATED
PublishedThu, Jun 25 · 09:16 AM CDT
ModifiedMon, Jun 29 · 06:16 AM CDT
Tue, May 19 · 03:16 PM CDTCVE-2026-2586
9.1/10 · Must read/watchNVDvuln
Summary
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user. This issue affects Eclipse Glass
CVECVE-2026-2586
SeverityCRITICAL
TypeUPDATED
PublishedTue, May 19 · 03:16 PM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Mon, Jun 29 · 12:16 AM CDTCVE-2026-13515
8.8/10 · Worth your timeNVDvuln
Summary
A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be
CVECVE-2026-13515
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 12:16 AM CDT
ModifiedMon, Jun 29 · 12:16 AM CDT
Mon, Jun 29 · 12:16 AM CDTCVE-2026-13516
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be us
CVECVE-2026-13516
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 12:16 AM CDT
ModifiedMon, Jun 29 · 12:16 AM CDT
Mon, Jun 29 · 01:16 AM CDTCVE-2026-13517
8.8/10 · Worth your timeNVDvuln
Summary
A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security_5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.
CVECVE-2026-13517
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 01:16 AM CDT
ModifiedMon, Jun 29 · 01:16 AM CDT
Mon, Jun 29 · 01:16 AM CDTCVE-2026-13518
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
CVECVE-2026-13518
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 01:16 AM CDT
ModifiedMon, Jun 29 · 01:16 AM CDT
Mon, Jun 29 · 02:16 AM CDTCVE-2026-13519
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
CVECVE-2026-13519
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 02:16 AM CDT
ModifiedMon, Jun 29 · 02:16 AM CDT
Mon, Jun 29 · 07:16 AM CDTCVE-2026-13539
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guest_ssid leads to stack-based buffer overflow. The attack can be executed remotely. The exp
CVECVE-2026-13539
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 07:16 AM CDT
ModifiedMon, Jun 29 · 07:16 AM CDT
Mon, Jun 29 · 09:16 AM CDTCVE-2026-13545
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may
CVECVE-2026-13545
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 09:16 AM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Thu, Jun 25 · 09:16 AM CDTCVE-2026-53198
8.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL A deferred byte-range lock (an SMB2_LOCK that blocks) registers an async work on conn->async_requests via setup_async_work(), with cancel_fn = smb2_remove_blocked_lock and cancel_a
CVECVE-2026-53198
SeverityHIGH
TypeUPDATED
PublishedThu, Jun 25 · 09:16 AM CDT
ModifiedMon, Jun 29 · 06:16 AM CDT
Fri, Mar 27 · 05:16 PM CDTCVE-2026-28367
8.7/10 · Worth your timeNVDvuln
Summary
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer, potentially leading to u
CVECVE-2026-28367
SeverityHIGH
TypeUPDATED
PublishedFri, Mar 27 · 05:16 PM CDT
ModifiedMon, Jun 29 · 10:16 AM CDT
Fri, Mar 27 · 05:16 PM CDTCVE-2026-28368
8.7/10 · Worth your timeNVDvuln
Summary
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing secu
CVECVE-2026-28368
SeverityHIGH
TypeUPDATED
PublishedFri, Mar 27 · 05:16 PM CDT
ModifiedMon, Jun 29 · 10:16 AM CDT
Mon, Jun 29 · 07:16 AM CDTCVE-2025-2902
8.3/10 · Worth your timeNVDvuln
Summary
Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-07-26-xx/00, GUM Ver. 93-07-26/00; Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5
CVECVE-2025-2902
SeverityHIGH
TypeNEW
PublishedMon, Jun 29 · 07:16 AM CDT
ModifiedMon, Jun 29 · 07:16 AM CDT
Tue, May 26 · 10:16 PM CDTCVE-2026-42013
8.2/10 · Worth your timeNVDvuln
Summary
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-
CVECVE-2026-42013
SeverityHIGH
TypeUPDATED
PublishedTue, May 26 · 10:16 PM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Tue, May 26 · 10:16 PM CDTCVE-2026-5260
8.2/10 · Worth your timeNVDvuln
Summary
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.
CVECVE-2026-5260
SeverityHIGH
TypeUPDATED
PublishedTue, May 26 · 10:16 PM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Thu, Jun 25 · 09:16 AM CDTCVE-2026-53192
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at snd_timer_user_params() At releasing a timer object, e.g. when a userspace timer (CONFIG_SND_UTIMER) gets closed and snd_timer_free() is called, it tries to detach the timer instances and release the resources. However, it's sti
CVECVE-2026-53192
SeverityHIGH
TypeUPDATED
PublishedThu, Jun 25 · 09:16 AM CDT
ModifiedMon, Jun 29 · 06:16 AM CDT
Fri, Jun 19 · 05:16 PM CDTCVE-2026-56208
7.6/10 · Worth your timeNVDvuln
Summary
A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing (LAP) mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when g_lag_in_frames is set to 1 or higher. This results in a 232-byte out-of-bounds wri
CVECVE-2026-56208
SeverityHIGH
TypeUPDATED
PublishedFri, Jun 19 · 05:16 PM CDT
ModifiedMon, Jun 29 · 01:16 AM CDT
Thu, Apr 30 · 06:16 PM CDTCVE-2026-33845
7.5/10 · Worth your timeNVDvuln
Summary
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
CVECVE-2026-33845
SeverityHIGH
TypeUPDATED
PublishedThu, Apr 30 · 06:16 PM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Mon, May 04 · 10:15 AM CDTCVE-2026-33846
7.5/10 · Worth your timeNVDvuln
Summary
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fra
CVECVE-2026-33846
SeverityHIGH
TypeUPDATED
PublishedMon, May 04 · 10:15 AM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Mon, May 18 · 01:16 PM CDTCVE-2026-42009
7.5/10 · Worth your timeNVDvuln
Summary
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable
CVECVE-2026-42009
SeverityHIGH
TypeUPDATED
PublishedMon, May 18 · 01:16 PM CDT
ModifiedMon, Jun 29 · 09:16 AM CDT
Wed, Jun 24 · 05:17 PM CDTCVE-2026-52946
7.5/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling A SOFTIRQ-safe to SOFTIRQ-unsafe lock order deadlock can occur in send_sigio() and send_sigurg() when a process group receives a signal. When FASYNC is configured for a process group (PIDTYPE_
CVECVE-2026-52946
SeverityHIGH
TypeUPDATED
PublishedWed, Jun 24 · 05:17 PM CDT
ModifiedMon, Jun 29 · 06:16 AM CDT
Wed, Jun 24 · 05:17 PM CDTCVE-2026-52954
7.5/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decode_choose_args() A message of type CEPH_MSG_OSD_MAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain choose_args that get decoded in decode_choose_args().
CVECVE-2026-52954
SeverityHIGH
TypeUPDATED
PublishedWed, Jun 24 · 05:17 PM CDT
ModifiedMon, Jun 29 · 06:16 AM CDT