|
1961
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()
The mwifiex_adapter_cleanup() function uses timer_delete()
(non-sy…
|
-
|
CVE-2026-46069
|
2026-05-27 23:48 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1962
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt
wait_for_completion_interruptible_timeout() returns -ERESTARTSYS w…
|
-
|
CVE-2026-46073
|
2026-05-27 23:48 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1963
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mana_ib: Disable RX steering on RSS QP destroy
When an RSS QP is destroyed (e.g. DPDK exit), mana_ib_destroy_qp_rss()
destro…
|
-
|
CVE-2026-46084
|
2026-05-27 23:48 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1964
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net: bridge: use a stable FDB dst snapshot in RCU readers
Local FDB entries can be rewritten in place by `fdb_delete_local()`, wh…
|
-
|
CVE-2026-46086
|
2026-05-27 23:48 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1965
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access
The bounds check for the next xattr entry in check_xattr…
|
-
|
CVE-2026-46094
|
2026-05-27 23:48 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1966
|
8.7 |
HIGH
Network
|
twenty
|
twenty
|
Twenty is an open source CRM. In 1.18.0 and earlier, the file serving endpoints in Twenty CRM at /files/* and /file/:fileFolder/:id serve uploaded files using fileStream.pipe(res) without setting any…
|
CWE-79
Cross-site Scripting
|
CVE-2026-44729
|
2026-05-27 23:45 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1967
|
9.9 |
CRITICAL
Network
|
twenty
|
twenty
|
Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. I…
|
CWE-78
CWE-89
OS Command
SQL Injection
|
CVE-2026-46624
|
2026-05-27 23:45 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1968
|
5.5 |
MEDIUM
Local
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' (src/fastnetmon.cpp l…
|
CWE-59
Link Following
|
CVE-2026-48693
|
2026-05-27 23:42 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1969
|
7.1 |
HIGH
Local
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packet_storage.hpp, the allocate_buffer() function computes memor…
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-48690
|
2026-05-27 23:34 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1970
|
6.5 |
MEDIUM
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In process_netflow_v9_options_template() (src/netflow_plugin/netflow_v9_collector.…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48684
|
2026-05-27 23:26 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
