| 701 | 6.1 | MEDIUM Network | - | - | If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… New | - | CVE-2026-39826 | 2026-05-9 00:16 | 2026-05-8 |
| 702 | 6.1 | MEDIUM Network | - | - | CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins… New | - | CVE-2026-39823 | 2026-05-9 00:16 | 2026-05-8 |
| 703 | 7.5 | HIGH Network | - | - | Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. New | - | CVE-2026-39820 | 2026-05-9 00:16 | 2026-05-8 |
| 704 | 7.5 | HIGH Network | - | - | When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. New | - | CVE-2026-33811 | 2026-05-9 00:16 | 2026-05-8 |
| 705 | 7.8 | HIGH Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in sco_sock_connect() sco_sock_connect() checks sk_state and sk_type without holding the sock… | CWE-362 Race Condition | CVE-2026-43023 | 2026-05-8 23:56 | 2026-05-2 |
| 706 | 5.5 | MEDIUM Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists hci_cmd_sync_queue_once() needs to indicate whether a que… | NVD-CWE-noinfo | CVE-2026-43022 | 2026-05-8 23:53 | 2026-05-2 |
| 707 | 5.5 | MEDIUM Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails When hci_cmd_sync_queue_once() returns with error, the destroy … | CWE-401 Missing Release of Memory after Effective Lifetime | CVE-2026-43021 | 2026-05-8 23:50 | 2026-05-2 |
| 708 | 7.8 | HIGH Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate LTK enc_size on load Load Long Term Keys stores the user-provided enc_size and later uses it to size fi… | CWE-787 Out-of-bounds Write | CVE-2026-43020 | 2026-05-8 23:41 | 2026-05-2 |
| 709 | 7.8 | HIGH Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in se… | CWE-416 Use After Free | CVE-2026-43019 | 2026-05-8 23:35 | 2026-05-2 |
| 710 | 6.5 | MEDIUM Network | - | - | VINCE versions 3.0.38 and earlier do not properly verify the From address authenticity due to encoding confusion and use the from address for automated actions such as Ticket creation or Ticket updat… | - | CVE-2026-8142 | 2026-05-8 23:16 | 2026-05-8 |