π¨ CVE-2026-40514
SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000 possible values. An unauthenticated attacker can use the attachment download endpoint as an oracle to determine the seed in use and derive encryption keys and initialization vectors to forge sharing tokens for arbitrary emails, attachments, or file storage contents without prior access to the targeted content.
π@cveNotify
SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000 possible values. An unauthenticated attacker can use the attachment download endpoint as an oracle to determine the seed in use and derive encryption keys and initialization vectors to forge sharing tokens for arbitrary emails, attachments, or file storage contents without prior access to the targeted content.
π@cveNotify
Smartertools
SmarterMail Additions, Changes and Fixes
SmarterMail new features, enhancements and bug fixes.
β€1
π¨ CVE-2026-3087
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
π@cveNotify
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
π@cveNotify
GitHub
[3.15] gh-146581: Update docs for dangerous filenames in ZIP files (G⦠· python/cpython@65b2554
β¦H-149994) (GH-150064)
gh-146581: Update docs for dangerous filenames in ZIP files (GH-149994)
(cherry picked from commit ba0aca3bffce431fe2fbd53ca4cd6a717a2e2c19)
Co-authored-by: Serhiy Storchak...
gh-146581: Update docs for dangerous filenames in ZIP files (GH-149994)
(cherry picked from commit ba0aca3bffce431fe2fbd53ca4cd6a717a2e2c19)
Co-authored-by: Serhiy Storchak...
π¨ CVE-2026-9255
Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin.
We recommend you to upgrade to kiro-cli version 1.28.0 or later.
π@cveNotify
Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin.
We recommend you to upgrade to kiro-cli version 1.28.0 or later.
π@cveNotify
π¨ CVE-2026-24162
NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.
π@cveNotify
NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.
π@cveNotify
π¨ CVE-2019-25721
DrΓ€ger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. Attackers can exploit this vulnerability to force the device into a fail state requiring manual restart, causing loss of wireless connectivity and interruption of patient monitoring functionality.
π@cveNotify
DrΓ€ger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. Attackers can exploit this vulnerability to force the device into a fail state requiring manual restart, causing loss of wireless connectivity and interruption of patient monitoring functionality.
π@cveNotify
π¨ CVE-2019-25722
DrΓ€ger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-coded plaintext credentials in source code and a denial-of-service vulnerability that allows local and remote attackers to compromise device integrity across all software versions. A local attacker with direct device access can use the hard-coded credentials to access service and clinical accounts and alter device configuration, while a remote attacker can send malformed network packets to cause repeated device reboots, ultimately resulting in loss of network connectivity and disruption of patient monitoring.
π@cveNotify
DrΓ€ger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-coded plaintext credentials in source code and a denial-of-service vulnerability that allows local and remote attackers to compromise device integrity across all software versions. A local attacker with direct device access can use the hard-coded credentials to access service and clinical accounts and alter device configuration, while a remote attacker can send malformed network packets to cause repeated device reboots, ultimately resulting in loss of network connectivity and disruption of patient monitoring.
π@cveNotify
π¨ CVE-2019-25723
DrΓ€ger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal processor with malformed data to trigger a warm restart, causing ventilation pressure to drop to ambient level and interrupting ventilation for several seconds before therapy resumes.
π@cveNotify
DrΓ€ger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal processor with malformed data to trigger a warm restart, causing ventilation pressure to drop to ambient level and interrupting ventilation for several seconds before therapy resumes.
π@cveNotify
π¨ CVE-2019-25724
DrΓ€ger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a network-based denial of service vulnerability that allows attackers with access to the hospital or Infinity Network to repeatedly trigger device reboots until the device enters a fail state requiring manual restart. Attackers can exploit this vulnerability to cause loss of wireless network connectivity, temporary loss of patient monitoring, and interruption of alarm functionality until the device is manually recovered.
π@cveNotify
DrΓ€ger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a network-based denial of service vulnerability that allows attackers with access to the hospital or Infinity Network to repeatedly trigger device reboots until the device enters a fail state requiring manual restart. Attackers can exploit this vulnerability to cause loss of wireless network connectivity, temporary loss of patient monitoring, and interruption of alarm functionality until the device is manually recovered.
π@cveNotify
π¨ CVE-2021-4478
DrΓ€ger CC-Vision Basic before 7.5.3 and DrΓ€ger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the underlying system.
π@cveNotify
DrΓ€ger CC-Vision Basic before 7.5.3 and DrΓ€ger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the underlying system.
π@cveNotify
π¨ CVE-2021-4479
DrΓ€ger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload the internal processor, gradually disrupting device operation over several hours and causing loss of data transmission, delayed display of real-time curves, and deviation between displayed airway pressure values and screen curves.
π@cveNotify
DrΓ€ger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload the internal processor, gradually disrupting device operation over several hours and causing loss of data transmission, delayed display of real-time curves, and deviation between displayed airway pressure values and screen curves.
π@cveNotify
π¨ CVE-2025-64390
A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed JAR file.
π@cveNotify
A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed JAR file.
π@cveNotify
HackerOne
PlayStation disclosed on HackerOne: PS4 BD-J privilege escalation...
Affected PS4 system software: version 13.00 to latest (13.02).
**Core Issue**:
- **Security Policy (`BdjPolicyImpl`)**: Canonicalizes the URL path using `File.getCanonicalPath()`, which resolves...
**Core Issue**:
- **Security Policy (`BdjPolicyImpl`)**: Canonicalizes the URL path using `File.getCanonicalPath()`, which resolves...
π¨ CVE-2026-10584
Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS.
To remediate this issue, users should upgrade to Graph Explorer v3.0.1 or later.
π@cveNotify
Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS.
To remediate this issue, users should upgrade to Graph Explorer v3.0.1 or later.
π@cveNotify
π¨ CVE-2026-10701
Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3.
π@cveNotify
Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3.
π@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2038537. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
π¨ CVE-2026-10702
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
π@cveNotify
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
π@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2040903. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
π¨ CVE-2026-28299
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
π@cveNotify
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
π@cveNotify
π¨ CVE-2026-5385
An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item.
This issue affects glpi: before 11.0.7.
π@cveNotify
An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item.
This issue affects glpi: before 11.0.7.
π@cveNotify
Fluidattacks
GLPI 11.0.0 - Stored XSS in knowledge base | Fluid Attacks
CVE-2026-5385: GLPI 11.0.6 contains a stored cross-site scripting (XSS) vulnerability in KnowbaseItemController::content().
π¨ CVE-2021-4480
DrΓ€ger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.
π@cveNotify
DrΓ€ger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.
π@cveNotify
π¨ CVE-2026-7807
SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms and hardcoded keys to decrypt and access stored passwords and 2FA secrets for all users.
π@cveNotify
SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms and hardcoded keys to decrypt and access stored passwords and 2FA secrets for all users.
π@cveNotify
Smartertools
SmarterMail Additions, Changes and Fixes
SmarterMail new features, enhancements and bug fixes.
π¨ CVE-2026-34352
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
π@cveNotify
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
π@cveNotify
GitHub
Prevent other users reading x0vncserver screen Β· TigerVNC/tigervnc@0b5cab1
Prevent other users from observing the screen, or modifying what is sent
to the client. Malicious attackers can even crash x0vncserver if they
time the modifications right.
to the client. Malicious attackers can even crash x0vncserver if they
time the modifications right.
π¨ CVE-2026-35535
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.
π@cveNotify
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.
π@cveNotify
π¨ CVE-2026-2377
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems.
π@cveNotify
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems.
π@cveNotify