CVE Notify
19.2K subscribers
4 photos
185K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
🚨 CVE-2026-55706
sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths.

🎖@cveNotify
🚨 CVE-2025-60231
Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection.

This issue affects The Hospital: from n/a through 1.8.1.

🎖@cveNotify
🚨 CVE-2025-66391
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account.

🎖@cveNotify
🚨 CVE-2025-69128
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal.

This issue affects JobCareer: from n/a through 7.3.

🎖@cveNotify