security-flaw
65 articles with this tag
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
CRITICAL
HIGH
MEDIUM
MEDIUM
INFO
INFO
CRITICAL
HIGH
CRITICAL
HIGH
CRITICAL
CRITICAL
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
LOW
MEDIUM
MEDIUM
MEDIUM
MEDIUM
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
MEDIUM
MEDIUM
CRITICAL
HIGH
MEDIUM
CRITICAL
HIGH
MEDIUM
LOW
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
MEDIUM
LOW
MEDIUM
MEDIUM
CVE-2026-43620 Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()
CVE-2026-43618 Rsync < 3.4.3 Integer Overflow Information Disclosure
CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
Google publishes exploit code threatening millions of Chromium users
USN-8276-1: Highlight.js vulnerability
'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments
AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?
[NEW] [high] Adobe Connect: Multiple vulnerabilities
[NEW] [high] BigBlueButton: Vulnerability allows cross-site scripting
Claude in Chrome is taking orders from the wrong extensions
[NEW] [medium] MISP: Vulnerability allows cross-site scripting
Kernel LPE Vulnerability Published Early Due To Third-Party Breaking Embargo
Cline Kanban Flaw Lets Websites Hijack AI Coding Agents
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
We probed 6,000 web apps for Stripe webhook signature checks. 1,542 don't bother
Max-severity RCE flaw found in Google Gemini CLI
[NEW] [medium] Dell integrated Dell Remote Access Controller: Vulnerability allows bypassing security measures
[NEW] [high] Xen and Citrix Systems XenServer: Multiple vulnerabilities
[NEW] [high] OpenClaw: Multiple vulnerabilities
Over 6,400 Apache ActiveMQ servers at risk of ongoing attacks
LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You?
Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core
Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
Lovable AI coding platform faces scrutiny over data exposure
[NEW] [high] nginx-ui: Multiple vulnerabilities allow bypassing security measures
[NEW] [medium] OpenBao: Multiple vulnerabilities
CVE-2026-33891 Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input
CVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)
CVE-2026-33895 Forge has signature forgery in Ed25519 due to missing S > L check
CVE-2026-33671 Picomatch has a ReDoS vulnerability via extglob quantifiers
CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`
CVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function
CVE-2026-2645 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2
CVE-2026-3579 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I
CVE-2026-3849 Buffer Overflow in HPKE via Oversized ECH Config
Critical flaw in Protobuf library enables JavaScript code execution
USN-8180-1: Linux kernel vulnerabilities
"TotalRecall Reloaded" tool finds a side entrance to Windows 11's Recall database
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
Vulnerability in Moxa products (08 April 2026)
AFC Ajax drops ball as flaws let hackers play admin with tickets and bans
[NEW] [medium] LangChain: Vulnerability allows information disclosure
[NEW] [high] OpenBao: Multiple vulnerabilities
[UPDATE] [medium] Grub2: Multiple vulnerabilities allow bypassing security measures
[NEW] [UNPATCHED] [medium] Keycloak: Vulnerability allows information disclosure
[NEW] [high] OpenClaw: Multiple vulnerabilities
[NEW] [medium] OpenBSD: Vulnerability allows unspecified attack and potentially denial of service
UK: Companies House Web Glitch Exposes Corporate Details to Fraudsters
Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
NCSC-2026-0083 [1.00] [M/H] Vulnerability fixed in Microsoft Authenticator app
VU#976247: Antivirus and Endpoint Detection and Response Archive Scanning Engines may not properly scan malformed zip archives
[UPDATE] [low] Keycloak (SAML brokering): Vulnerability allows manipulation of files
Aruba Products Multiple Vulnerabilities
SSRF in GUI console
[NEW] [medium] OpenBSD: Vulnerability allows unspecified attack
[NEW] [high] OpenClaw: Multiple vulnerabilities
[NEW] [medium] IBM App Connect Enterprise: Multiple vulnerabilities
[NEW] [medium] Samsung Exynos: Multiple vulnerabilities allow denial of service
OpenSSL CVE-2025-15467
XSS in default error page
[UPDATE] [medium] Keycloak: Multiple vulnerabilities
15,200 OpenClaw Control Panels with Full System Access Exposed to the Internet
[NEW] [medium] Checkmk: Vulnerability allows bypassing security measures
[UPDATE] [medium] MailPit: Multiple vulnerabilities