π¨ CVE-2026-47152
In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted.
π@cveNotify
In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted.
π@cveNotify
GitHub
GitHub - SiliconLabsSoftware/sisdk-release: Simplicity GA release repo
Simplicity GA release repo. Contribute to SiliconLabsSoftware/sisdk-release development by creating an account on GitHub.
π¨ CVE-2026-47153
In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted.
π@cveNotify
In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted.
π@cveNotify
GitHub
GitHub - SiliconLabsSoftware/sisdk-release: Simplicity GA release repo
Simplicity GA release repo. Contribute to SiliconLabsSoftware/sisdk-release development by creating an account on GitHub.
π¨ CVE-2026-47154
In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devices supporting the Simple Metering cluster may be impacted.
π@cveNotify
In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devices supporting the Simple Metering cluster may be impacted.
π@cveNotify
GitHub
GitHub - SiliconLabsSoftware/sisdk-release: Simplicity GA release repo
Simplicity GA release repo. Contribute to SiliconLabsSoftware/sisdk-release development by creating an account on GitHub.
π¨ CVE-2026-4526
In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed.
π@cveNotify
In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed.
π@cveNotify
GitHub
GitHub - SiliconLabsSoftware/sisdk-release: Simplicity GA release repo
Simplicity GA release repo. Contribute to SiliconLabsSoftware/sisdk-release development by creating an account on GitHub.
π¨ CVE-2024-21626
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue.
π@cveNotify
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue.
π@cveNotify
packetstorm.news
Packet Storm Security
Packet Storm Security provides security news, exploits, advisories, and tools for information security professionals.
π¨ CVE-2025-10911
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
π@cveNotify
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
π@cveNotify
π¨ CVE-2026-5419
A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.
π@cveNotify
A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.
π@cveNotify
π¨ CVE-2026-47647
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.
π@cveNotify
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.
π@cveNotify
π¨ CVE-2026-54130
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.
π@cveNotify
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.
π@cveNotify
π¨ CVE-2025-61023
An issue in the st_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
π@cveNotify
An issue in the st_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
π@cveNotify
GitHub
Fuzzer: Virtuoso 7.2.11 crashed at `st_compare` Β· Issue #1230 Β· openlink/virtuoso-opensource
The PoC is generated by my DBMS fuzzer. It can also be reproduced in the beta docker image. CREATE TABLE v0 ( v1 INTEGER CHECK ( ( SELECT ( SELECT v1 + v1 AS b_plus_one ) ) ) ) ; INSERT INTO v0 SEL...
π¨ CVE-2026-13007
Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are served with Cache-Control: public headers and without Vary: Cookie, allowing reverse proxies and CDNs to cache and serve sensitive data to unauthenticated users even after authentication is applied.
π@cveNotify
Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are served with Cache-Control: public headers and without Vary: Cookie, allowing reverse proxies and CDNs to cache and serve sensitive data to unauthenticated users even after authentication is applied.
π@cveNotify
π¨ CVE-2026-11807
A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials associated with that activation, including OAuth tokens, vault passwords, and SSH keys.
π@cveNotify
A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials associated with that activation, including OAuth tokens, vault passwords, and SSH keys.
π@cveNotify
π¨ CVE-2026-11819
Module: plugins/modules/keyring_info.py
CVSS 3.1: 5.5 MEDIUM β AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result["passphrase"] with no output suppression, no no_log protection, and no documentation warning.
Root Cause:
Line 105 (protected): keyring_password=dict(type="str", required=True, no_log=True)
Line 127 (NOT protected): result["passphrase"] = passphrase
Observed Output:
{
"changed": false,
"passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret"
}
Visible via register + debug:
{
"keyring_result": {
"changed": false,
"passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret"
}
}
Impact:
Master passwords, SSH key passphrases and service credentials appear in all Ansible output
register: keyring_result followed by debug: var=keyring_result prints passphrase in full
Ansible fact caching backends (Redis, JSON file, memcached) may persist the passphrase
AWX/Tower job logs silently store the live credential
Fix:
module.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)
Also add a documentation warning requiring callers to use no_log: true at the task level.
PoCs
Fig 1: PoC execution showing passphrase in plaintext output
Fig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)
π@cveNotify
Module: plugins/modules/keyring_info.py
CVSS 3.1: 5.5 MEDIUM β AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result["passphrase"] with no output suppression, no no_log protection, and no documentation warning.
Root Cause:
Line 105 (protected): keyring_password=dict(type="str", required=True, no_log=True)
Line 127 (NOT protected): result["passphrase"] = passphrase
Observed Output:
{
"changed": false,
"passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret"
}
Visible via register + debug:
{
"keyring_result": {
"changed": false,
"passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret"
}
}
Impact:
Master passwords, SSH key passphrases and service credentials appear in all Ansible output
register: keyring_result followed by debug: var=keyring_result prints passphrase in full
Ansible fact caching backends (Redis, JSON file, memcached) may persist the passphrase
AWX/Tower job logs silently store the live credential
Fix:
module.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)
Also add a documentation warning requiring callers to use no_log: true at the task level.
PoCs
Fig 1: PoC execution showing passphrase in plaintext output
Fig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)
π@cveNotify
π¨ CVE-2026-11820
Module: plugins/modules/nexmo.py
CVSS 3.1: 6.5 MEDIUM β AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: api_key and api_secret are declared no_log=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all no_log protection.
Vulnerable Code (lines 82-93):
msg = {
"api_key": module.params.get("api_key"),
"api_secret": module.params.get("api_secret"),
"from": module.params.get("src"),
"text": module.params.get("msg"),
}
url = f"{NEXMO_API}?{urlencode(msg)}"
response, info = fetch_url(module, url, headers=headers)
Observed Output:
https://rest.nexmo.com/sms/json?api_key=a1b2c3d4&api_secret=MyS3cr3tK3y!!&from=AnsibleBot&to=15551234567&text=Hello
Exposure Vectors:
Ansible verbose output (-vvv) logs the full request URL
Vonage/Nexmo server access logs record credentials in query string
HTTP proxies, SIEM, and network inspection tools capture the full URL
AWX/Automation Controller network debug logs
Fix: Switch to POST with credentials in the request body:
data = urlencode({"api_key": api_key, "api_secret": api_secret,
"from": src, "to": number, "text": msg})
fetch_url(module, NEXMO_API, data=data, method="POST",
headers={"Content-Type": "application/x-www-form-urlencoded"})
π@cveNotify
Module: plugins/modules/nexmo.py
CVSS 3.1: 6.5 MEDIUM β AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: api_key and api_secret are declared no_log=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all no_log protection.
Vulnerable Code (lines 82-93):
msg = {
"api_key": module.params.get("api_key"),
"api_secret": module.params.get("api_secret"),
"from": module.params.get("src"),
"text": module.params.get("msg"),
}
url = f"{NEXMO_API}?{urlencode(msg)}"
response, info = fetch_url(module, url, headers=headers)
Observed Output:
https://rest.nexmo.com/sms/json?api_key=a1b2c3d4&api_secret=MyS3cr3tK3y!!&from=AnsibleBot&to=15551234567&text=Hello
Exposure Vectors:
Ansible verbose output (-vvv) logs the full request URL
Vonage/Nexmo server access logs record credentials in query string
HTTP proxies, SIEM, and network inspection tools capture the full URL
AWX/Automation Controller network debug logs
Fix: Switch to POST with credentials in the request body:
data = urlencode({"api_key": api_key, "api_secret": api_secret,
"from": src, "to": number, "text": msg})
fetch_url(module, NEXMO_API, data=data, method="POST",
headers={"Content-Type": "application/x-www-form-urlencoded"})
π@cveNotify
π¨ CVE-2026-12112
A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating authentication tokens and by logging all newly created session IDs to standard logs. This issue can result in privilege escalation and infrastructure-wide code execution.
π@cveNotify
A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating authentication tokens and by logging all newly created session IDs to standard logs. This issue can result in privilege escalation and infrastructure-wide code execution.
π@cveNotify
π¨ CVE-2026-12891
A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266 video file or stream that, when processed by a GStreamer-based application, could leak limited memory contents through video metadata, potentially exposing sensitive information from the application's address space.
π@cveNotify
A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266 video file or stream that, when processed by a GStreamer-based application, could leak limited memory contents through video metadata, potentially exposing sensitive information from the application's address space.
π@cveNotify
π¨ CVE-2026-12892
A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary information without first verifying that the NAL unit contains enough data beyond the extension header. An attacker could exploit this by tricking a user into opening a malicious H.264 video file, potentially causing the application to crash or leak a single byte of heap memory.
π@cveNotify
A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary information without first verifying that the NAL unit contains enough data beyond the extension header. An attacker could exploit this by tricking a user into opening a malicious H.264 video file, potentially causing the application to crash or leak a single byte of heap memory.
π@cveNotify
π¨ CVE-2026-41862
Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of untrusted data), which can lead to remote code execution inside the application JVM.
Affected versions:
Spring Statemachine 4.0.0 through 4.0.1
Spring Statemachine 3.2.0 through 3.2.4
π@cveNotify
Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of untrusted data), which can lead to remote code execution inside the application JVM.
Affected versions:
Spring Statemachine 4.0.0 through 4.0.1
Spring Statemachine 3.2.0 through 3.2.4
π@cveNotify
CVE-2026-41862: Kryo deserialization of persisted context without class allowlist
Level up your Java code and explore what Spring can do for you.
π¨ CVE-2026-48493
Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser β for example `assets.view`, `assets.create`, `reports.view`, import, etc. The issue is patched in version 8.6.0.
π@cveNotify
Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser β for example `assets.view`, `assets.create`, `reports.view`, import, etc. The issue is patched in version 8.6.0.
π@cveNotify
GitHub
Tighten permission changes and UI, fixed #18831 by snipe Β· Pull Request #19024 Β· grokability/snipe-it
This PR handles an issue where we were being a little too permissive for users with API access editing themselves, and also improves the UI a bit to hide permissions the user can't grant or...
π¨ CVE-2026-7574
Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0) validates only file presence and a version marker string before booting rootfs.img, but does not verify image content integrity at time-of-use. A local attacker with unprivileged code execution as the victim macOS user can modify the VM root filesystem image and have it trusted on subsequent Cowork VM boots, enabling persistent arbitrary code execution in the VM and access to host-mounted directories. The estimated CWE mapping is CWE-353 (Missing Support for Integrity Check).
π@cveNotify
Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0) validates only file presence and a version marker string before booting rootfs.img, but does not verify image content integrity at time-of-use. A local attacker with unprivileged code execution as the victim macOS user can modify the VM root filesystem image and have it trusted on subsequent Cowork VM boots, enabling persistent arbitrary code execution in the VM and access to host-mounted directories. The estimated CWE mapping is CWE-353 (Missing Support for Integrity Check).
π@cveNotify
cfp.recon.cx
Putting the Genie Back in the Bottle: Agentic Reverse Engineering of Claude's Security Architecture Recon 2026
The proliferation of AI agents is quickly becoming one of the foremost concerns of security teams. Engineering teams are clamoring for the increase in velocity afforded by AI coding agents. Non-technical teams have noticed, and employees of all job typesβ¦
π¨ CVE-2026-10531
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks.
π@cveNotify
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks.
π@cveNotify
WPScan
AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute
See details on AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute CVE 2026-10531. View the latest Plugin Vulnerabilities on WPScan.