CVE Security

A broken access control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior version 9.2. Certain backend API endpoints do not co...

Applications


                                    CVE-2026-8381

Lire l'article

medium 5.7

28/05/2026

Vulnérabilité medium détectée - CVE-2026-44409

There is an an information disclosure vulnerability in ZTE MU5250. Due to improper configuration of the access control mechanism, attackers can obtain...

Applications


                                    CVE-2026-44409

Lire l'article

medium 6.5

28/05/2026

Vulnérabilité medium détectée - CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker...

Applications


                                    CVE-2026-5072

Lire l'article

high 7.5

28/05/2026

Vulnérabilité high détectée - CVE-2026-46597

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.

Applications


                                    CVE-2026-46597

Lire l'article

medium 5.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-46598

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used.

Applications


                                    CVE-2026-46598

Lire l'article

unknown

28/05/2026

Vulnérabilité unknown détectée - CVE-2026-9053

Mothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious default file pa...

Applications


                                    CVE-2026-9053

Lire l'article

medium 6.1

28/05/2026

Vulnérabilité medium détectée - CVE-2026-3481

The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode' parameter in all versions up to and including...

Applications Web


                                    CVE-2026-3481

Lire l'article

critical 10

28/05/2026

Vulnérabilité critical détectée - CVE-2026-46595

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than pub...

Applications


                                    CVE-2026-46595

Lire l'article

critical 9.1

28/05/2026

Vulnérabilité critical détectée - CVE-2026-39833

The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign w...

Applications


                                    CVE-2026-39833

Lire l'article

critical 9.1

28/05/2026

Vulnérabilité critical détectée - CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the wr...

Applications


                                    CVE-2026-39834

Lire l'article

medium 5.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-39835

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client pre...

Applications


                                    CVE-2026-39835

Lire l'article

critical 9.1

28/05/2026

Vulnérabilité critical détectée - CVE-2026-42508

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checke...

Applications


                                    CVE-2026-42508

Lire l'article

15 16 17 18 19