CVE-2026-8704
Crypt::DSA versions through 1.19 for Perl use two-argument open, allowing existing files to be modified.
@cveNotify
CVE-2026-40421
External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.
CVE-2026-41094
Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network.
CVE-2026-41100
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
CVE-2026-42831
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-42832
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
CVE-2026-41101
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
CVE-2026-41102
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.
CVE-2026-41103
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0 contain an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data in transit.
CVE-2026-43638
Bitwarden Server prior to v2026.4.1 contains a missing authorization vulnerability that allows any authenticated user to write ciphers into an arbitrary organization via `POST /ciphers/import-organization` by submitting an empty `collections` array, which causes the server-side permission check to be skipped.
GitHub
[PM-34383] Add import validation allowing providers to perform import… · bitwarden/server@ebbf6dd
…s (#7394)
* resolve auth bypass and enable nullable (tech debt)
* fix failing test
CVE-2026-43639
Bitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability that allows a provider service user to add an arbitrary organization to their provider via `POST /providers/{providerId}/clients/existing`, resulting in takeover of the target organization; self-hosted installations are unaffected as this endpoint is restricted to Cloud via SelfHosted(NotSelfHostedOnly = true).
GitHub
Add checks and tests to provider controllers (#7372) · bitwarden/server@0918bfd
CVE-2026-43640
Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session.
GitHub
Removing not scim check from api-key and rotate-api-key (#7403) · bitwarden/server@eb251d9
CVE-2026-7210
`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.

Fully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch.
GitHub
[CVE-2026-7210] Insufficient entropy in `pyexpat` with protection against hash flooding · Issue #149018 · python/cpython
Hi! pyexpat calls XML_SetHashSalt which only passes 4 to 8 bytes of entropy to protect against hash flooding. Expat 2.8.0 introduced a new API function XML_SetHashSalt16Bytes that allows CPython to...
CVE-2026-8305
A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component bluebubbles Webhook. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 2026.2.12 is sufficient to resolve this issue. The patch is named a6653be0265f1f02b9de46c06f52ea7c81a836e6. The affected component should be upgraded.
GitHub
security-advisories/ClawdBot(aka OpenClaw)-Auth-Bypass-SSRF at main · Dave-gilmore-aus/security-advisories
CVE-2026-8581
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 148.0.7778.167/168 for Windows/Mac and 148.0.7778.167 for Linux, which will roll out over the comin...
CVE-2026-34960
barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK packet without a proper 0xff end marker to cause the parser to read past valid packet data and potentially crash the system.
GitHub
GitHub - barebox/barebox: The barebox bootloader - Mirror of ssh://public@git.pengutronix.de/barebox
CVE-2026-7256
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.
Zyxel
End of life | Zyxel Networks
CVE-2026-7257
** UNSUPPORTED WHEN ASSIGNED ** An insecure storage of sensitive information vulnerability in the configuration file of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow a local attacker with administrator privileges to download and decrypt a backup configuration file.
Zyxel
End of life | Zyxel Networks
CVE-2026-7287
** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the "webs" binary in Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C0 could allow an attacker to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request to a vulnerable device.
Zyxel
End of life | Zyxel Networks
CVE-2026-1322
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with a read_api scoped OAuth application to create issues and add comments to issues in private projects due to improper authorization.
Gitlab
GitLab release notes | GitLab Docs