|
51
|
- |
|
-
|
-
|
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as…
New
|
-
|
CVE-2026-0073
|
2026-05-5 03:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
52
|
5.9 |
MEDIUM
Network
|
-
|
-
|
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()
New
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2025-70071
|
2026-05-5 03:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
53
|
7.5 |
HIGH
Network
|
-
|
-
|
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() method
New
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2025-70069
|
2026-05-5 03:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
54
|
7.5 |
HIGH
Network
|
-
|
-
|
Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial …
New
|
CWE-617
Reachable Assertion
|
CVE-2025-56568
|
2026-05-5 03:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
55
|
7.5 |
HIGH
Network
|
-
|
-
|
An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request
New
|
CWE-20
CWE-400
Improper Input Validation
Uncontrolled Resource Consumption
|
CVE-2025-46115
|
2026-05-5 03:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
56
|
9.8 |
CRITICAL
Network
|
cpanel
|
cpanel
whm
wp_squared
|
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-41940
|
2026-05-5 03:09 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
57
|
6.5 |
MEDIUM
Network
|
gnu
|
glibc
|
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing…
Update
|
CWE-126
Buffer Over-read
|
CVE-2026-6238
|
2026-05-5 02:57 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
58
|
9.9 |
CRITICAL
Network
|
-
|
-
|
In Apache Iceberg, the table's metadata files are control files: they tell readers
which data files belong to the table and which table version to read.
`write.metadata.path` is an optional table …
New
|
CWE-20
CWE-284
CWE-732
CWE-863
Improper Input Validation
Improper Access Control
Incorrect Permission Assignment for Critical Resource
Incorrect Authorization
|
CVE-2026-42812
|
2026-05-5 02:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
59
|
9.9 |
CRITICAL
Network
|
-
|
-
|
In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials
that
only work for one table's files, but a crafted namespace or table name can
cause those credentials to work across …
New
|
CWE-20
CWE-917
Improper Input Validation
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-42811
|
2026-05-5 02:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
60
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Apache Polaris can issue broad temporary ("vended") storage credentials during
staged
table creation before the effective table location has been validated or
durably reserved.
Those temporary crede…
New
|
CWE-20
CWE-862
Improper Input Validation
Missing Authorization
|
CVE-2026-42809
|
2026-05-5 02:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
