Aggregator

CVE-2026-43060 | Linux Kernel up to 6.19.9 netfilter privilege escalation

VulDB Recent Entries
1 week 4 days ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.19.9. The impacted element is an unknown function of the component netfilter. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2026-43060. The attack requires being on the local network. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-43065 | Linux Kernel up to 6.19.10 ext4 ext4_mb_release privilege escalation

VulDB Recent Entries
1 week 4 days ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.19.10. The affected element is the function ext4_mb_release of the component ext4. Executing a manipulation can lead to privilege escalation. This vulnerability is registered as CVE-2026-43065. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-43059 | Linux Kernel up to 6.12.77/6.18.19/6.19.9 Bluetooth mgmt_pending_valid use after free

VulDB Recent Entries
1 week 4 days ago
A vulnerability was found in Linux Kernel up to 6.12.77/6.18.19/6.19.9. It has been rated as critical. Impacted is the function mgmt_pending_valid of the component Bluetooth. Performing a manipulation results in use after free. This vulnerability is cataloged as CVE-2026-43059. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-27693 | Traccar up to 6.12.x GPX File xml injection (GHSA-32pj-vrqc-x656)

VulDB Recent Entries
1 week 4 days ago
A vulnerability was found in Traccar up to 6.12.x. It has been classified as critical. This vulnerability affects unknown code of the component GPX File Handler. This manipulation causes xml injection. This vulnerability is tracked as CVE-2026-27693. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-35192 | djangoproject Django up to 5.2.13/6.0.4 Response Header persistent cookies containing sensitive information

VulDB Recent Entries
1 week 4 days ago
A vulnerability has been found in djangoproject Django up to 5.2.13/6.0.4 and classified as problematic. Affected by this issue is some unknown functionality of the component Response Header Handler. The manipulation leads to use of persistent cookies containing sensitive information. This vulnerability is referenced as CVE-2026-35192. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2026-32689 | phoenixframework phoenix up to 1.7.21/1.8.5 Elixir.Phoenix.Transports.LongPoll allocation of resources (GHSA-628h-q48j-jr6q)

VulDB Recent Entries
1 week 4 days ago
A vulnerability, which was classified as problematic, was found in phoenixframework phoenix up to 1.7.21/1.8.5. Affected by this vulnerability is the function Elixir.Phoenix.Transports.LongPoll. Executing a manipulation can lead to allocation of resources. The identification of this vulnerability is CVE-2026-32689. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-31196 | ALTICE GR140DG/GR140IG /bin/httpd_clientside system destAddr os command injection

VulDB Recent Entries
1 week 4 days ago
A vulnerability, which was classified as critical, has been found in ALTICE GR140DG and GR140IG. Affected is the function system of the file /bin/httpd_clientside. Performing a manipulation of the argument destAddr results in os command injection. This vulnerability was named CVE-2026-31196. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2026-36355 | Realtek rtl819x Jungle SDK up to 3.4.14B rtl8192cd Wi-Fi Kernel Driver 8192cd_cfg.h _IOCTL_DEBUG_CMD_ access control

VulDB Recent Entries
1 week 4 days ago
A vulnerability classified as critical has been found in Realtek rtl819x Jungle SDK up to 3.4.14B. This affects the function _IOCTL_DEBUG_CMD_ in the library 8192cd_cfg.h of the component rtl8192cd Wi-Fi Kernel Driver. This manipulation causes improper access controls. This vulnerability is handled as CVE-2026-36355. The attack can only be done within the local network. There is not any exploit available.
vuldb.com

CVE-2026-4304 | WeePie Cookie Allow Plugin up to 3.4.11 on WordPress consent sql injection

VulDB Recent Entries
1 week 4 days ago
A vulnerability described as critical has been identified in WeePie Cookie Allow Plugin up to 3.4.11 on WordPress. The impacted element is an unknown function. The manipulation of the argument consent results in sql injection. This vulnerability is known as CVE-2026-4304. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-29168 | Apache HTTP Server up to 2.4.66 mod_md allocation of resources

VulDB Recent Entries
1 week 4 days ago
A vulnerability marked as critical has been reported in Apache HTTP Server up to 2.4.66. The affected element is an unknown function of the component mod_md. The manipulation leads to allocation of resources. This vulnerability is traded as CVE-2026-29168. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

GnuTLS 3.8.13 Released with Fix for 12 Vulnerabilities Affecting Network Communications

Cyber Security News
1 week 4 days ago

GnuTLS version 3.8.13 has been officially released to patch a dozen security vulnerabilities, including critical flaws affecting secure network communications. The update is highly recommended for all systems using GnuTLS, as it addresses memory corruption, authentication bypasses, and certificate validation errors. Four vulnerabilities discovered in this release are categorized as High severity and require immediate […]

The post GnuTLS 3.8.13 Released with Fix for 12 Vulnerabilities Affecting Network Communications appeared first on Cyber Security News.

Abinaya

Cisco to Acquire Astrix Security to Strengthen AI Agent and Non-Human Identity Security

Cyber Security News
1 week 4 days ago

Cisco has announced its intent to acquire Astrix Security Ltd., an industry leader in Non-Human Identity (NHI) security. This strategic acquisition aims to protect enterprise environments from the expanding attack surface created by the rapid deployment of AI agents. The modern workplace is undergoing a massive shift. Employees are increasingly supported by “agentic AI” automated […]

The post Cisco to Acquire Astrix Security to Strengthen AI Agent and Non-Human Identity Security appeared first on Cyber Security News.

Abinaya

Managed ad