|
2311
|
7.0 |
HIGH
Local
|
qualcomm
|
cologne_firmware
fastconnect_6700_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
qcm5430_firmware
qcm6490_firmware
video_collaboration_vc3_platform_firmware
sc8380x…
|
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-25260
|
2026-06-3 00:22 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2312
|
7.5 |
HIGH
Network
|
langflow
|
langflow
|
IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-7528
|
2026-06-3 00:20 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2313
|
8.8 |
HIGH
Network
|
ibm
|
controller
|
IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-5065
|
2026-06-3 00:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2314
|
8.8 |
HIGH
Local
|
qualcomm
|
cq8750m_firmware
fastconnect_6700_firmware
fastconnect_6800_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
g3x_gen_2_firmware
pandeiro_firmware
qca6391_firmware
…
|
Memory corruption while using Strongbox due to missing bounds check.
|
CWE-129
Improper Validation of Array Index
|
CVE-2026-25276
|
2026-06-2 23:58 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2315
|
8.8 |
HIGH
Local
|
qualcomm
|
cq8750m_firmware
fastconnect_6700_firmware
fastconnect_6800_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
g3x_gen_2_firmware
pandeiro_firmware
qca6391_firmware
…
|
Memory corruption while using Strongbox due to buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-25277
|
2026-06-2 23:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2316
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute ar…
|
CWE-79
Cross-site Scripting
|
CVE-2026-10510
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2317
|
6.5 |
MEDIUM
Network
|
-
|
-
|
D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate fu…
|
CWE-74
CWE-200
Injection
Information Exposure
|
CVE-2026-8993
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2318
|
5.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in the browser cache when an authenticated user…
|
CWE-525
Use of Web Browser Cache Containing Sensitive Information
|
CVE-2026-41918
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2319
|
- |
|
-
|
-
|
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digita…
|
CWE-1392
Use of Default Credentials
|
CVE-2026-9844
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2320
|
8.8 |
HIGH
Network
|
openstack
|
keystone
|
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42998
|
2026-06-2 23:50 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
