๐จ CVE-2026-3100
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data.
Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
๐@cveNotify
The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may intercept, modify, or obtain sensitive information such as authentication credentials and backup data.
Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
๐@cveNotify
ASUSTOR
็ผ่ก่ณ่จ - ASUSTOR NAS
๐จ CVE-2026-3179
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write files outside the intended backup directory. A path traversal vulnerability may allow an attacker to overwrite arbitrary files on the system and potentially achieve privilege escalation or remote code execution.
Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
๐@cveNotify
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write files outside the intended backup directory. A path traversal vulnerability may allow an attacker to overwrite arbitrary files on the system and potentially achieve privilege escalation or remote code execution.
Affected products and versions include: from ADM 4.1.0 through ADM 4.3.3.ROF1 as well as from ADM 5.0.0 through ADM 5.1.2.RE51.
๐@cveNotify
ASUSTOR
็ผ่ก่ณ่จ - ASUSTOR NAS
๐จ CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
๐@cveNotify
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security Updates Available for Adobe Commerce | APSB25-88
๐จ CVE-2025-15087
A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function submitOrderPayment of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java. Such manipulation of the argument orderSn leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function submitOrderPayment of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java. Such manipulation of the argument orderSn leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
GitHub
youlai-mall improper access control in POST /mall-oms/app-api/v1/orders/payment enables horizontal privilege escalation and unauthorizedโฆ
youlai-mall improper access control in POST /mall-oms/app-api/v1/orders/payment enables horizontal privilege escalation and unauthorized payment initiation on victim orders Contributors: Huang Weig...
๐จ CVE-2026-22990
In the Linux kernel, the following vulnerability has been resolved:
libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
If the osdmap is (maliciously) corrupted such that the incremental
osdmap epoch is different from what is expected, there is no need to
BUG. Instead, just declare the incremental osdmap to be invalid.
๐@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
If the osdmap is (maliciously) corrupted such that the incremental
osdmap epoch is different from what is expected, there is no need to
BUG. Instead, just declare the incremental osdmap to be invalid.
๐@cveNotify
๐จ CVE-2026-26722
An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via PIN component of the login functionality.
๐@cveNotify
An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via PIN component of the login functionality.
๐@cveNotify
GitHub
vulnerability-disclosures/CVE-2026-26722 at main ยท chndlrx/vulnerability-disclosures
Public disclosures of software vulnerabilities discovered and responsibly reported by Chandler Johnson. Includes CVEs, technical writeups, and proof-of-concepts. - chndlrx/vulnerability-disclosures
๐จ CVE-2026-26723
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.
๐@cveNotify
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.
๐@cveNotify
GitHub
vulnerability-disclosures/CVE-2026-26723 at main ยท chndlrx/vulnerability-disclosures
Public disclosures of software vulnerabilities discovered and responsibly reported by Chandler Johnson. Includes CVEs, technical writeups, and proof-of-concepts. - chndlrx/vulnerability-disclosures
๐จ CVE-2026-26724
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.
๐@cveNotify
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.
๐@cveNotify
GitHub
vulnerability-disclosures/CVE-2026-26724 at main ยท chndlrx/vulnerability-disclosures
Public disclosures of software vulnerabilities discovered and responsibly reported by Chandler Johnson. Includes CVEs, technical writeups, and proof-of-concepts. - chndlrx/vulnerability-disclosures
๐จ CVE-2025-1789
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.
๐@cveNotify
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.
๐@cveNotify
๐จ CVE-2026-26340
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of surveillance data.
๐@cveNotify
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of surveillance data.
๐@cveNotify
Tattile: Hi-Performance Mobility Solutions & AI software for ANPR, ALPR cameras
Tattile custom vision solutions and software. Automatic number & license plate reading cameras, enforcement camera with videoanalytics for ITS, with BBC and AID.
๐จ CVE-2026-26341
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.
๐@cveNotify
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.
๐@cveNotify
Tattile: Hi-Performance Mobility Solutions & AI software for ANPR, ALPR cameras
Tattile custom vision solutions and software. Automatic number & license plate reading cameras, enforcement camera with videoanalytics for ITS, with BBC and AID.
๐จ CVE-2025-43281
The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges.
๐@cveNotify
The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges.
๐@cveNotify
Apple Support
About the security content of macOS Sequoia 15.6 - Apple Support
This document describes the security content of macOS Sequoia 15.6.
๐จ CVE-2026-1333
A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
๐@cveNotify
A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
๐@cveNotify
Dassault Systรจmes
CVE-2026-1333 - Dassault Systรจmes
Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026
๐จ CVE-2026-1334
An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
๐@cveNotify
An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
๐@cveNotify
Dassault Systรจmes
CVE-2026-1334 - Dassault Systรจmes
Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026
๐จ CVE-2026-1335
An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
๐@cveNotify
An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
๐@cveNotify
Dassault Systรจmes
CVE-2026-1335 - Dassault Systรจmes
Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026
๐จ CVE-2025-27900
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
๐@cveNotify
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
๐@cveNotify
Ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
There are multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows. All platforms are affected, and all previous versions may also be affected.
๐จ CVE-2025-27903
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transmits data in a cleartext communication channel that could allow an attacker to obtain sensitive information using man in the middle techniques.
๐@cveNotify
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transmits data in a cleartext communication channel that could allow an attacker to obtain sensitive information using man in the middle techniques.
๐@cveNotify
Ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
There are multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows. All platforms are affected, and all previous versions may also be affected.
๐จ CVE-2025-27904
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
๐@cveNotify
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
๐@cveNotify
Ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
There are multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows. All platforms are affected, and all previous versions may also be affected.
๐จ CVE-2026-26721
An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter.
๐@cveNotify
An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter.
๐@cveNotify
GitHub
vulnerability-disclosures/CVE-2026-26721 at main ยท chndlrx/vulnerability-disclosures
Public disclosures of software vulnerabilities discovered and responsibly reported by Chandler Johnson. Includes CVEs, technical writeups, and proof-of-concepts. - chndlrx/vulnerability-disclosures
๐จ CVE-2026-2459
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.
๐@cveNotify
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.
๐@cveNotify
๐จ CVE-2026-2460
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.
๐@cveNotify
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.
๐@cveNotify