|
51
|
7.8 |
HIGH
Local
|
qualcomm
|
snapdragon_480_5g_mobile_platform_firmware
snapdragon_480\+_5g_mobile_platform_firmware
snapdragon_6_gen_1_mobile_platform_firmware
snapdragon_6_gen_3_mobile_platform_firmware
snapdragon_…
|
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-59604
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
52
|
7.8 |
HIGH
Local
|
qualcomm
|
snapdragon_g1_gen_2_gaming_platform_firmware
ar8035_firmware
csra6620_firmware
csra6640_firmware
fastconnect_6200_firmware
fastconnect_6700_firmware
fastconnect_6800_firmware
fas…
|
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
New
|
CWE-787
Out-of-bounds Write
|
CVE-2025-59605
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
53
|
7.8 |
HIGH
Local
|
qualcomm
|
cologne_firmware
cq7790_firmware
cq8725s_firmware
cq8750m_firmware
fastconnect_6200_firmware
wsa8840_firmware
wsa8845_firmware
wsa8845h_firmware
wsa8850_firmware
wsa8850w_f…
|
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-59606
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
54
|
5.5 |
MEDIUM
Network
|
qualcomm
|
5g_fixed_wireless_access_platform_firmware
ar8035_firmware
csr8811_firmware
fastconnect_6700_firmware
fastconnect_6900_firmware
sxr2250p_firmware
wcd9340_firmware
wcd9370_firmwar…
|
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
New
|
CWE-126
Buffer Over-read
|
CVE-2025-59609
|
2026-06-3 03:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
55
|
7.5 |
HIGH
Network
|
ultrajson_project
|
ultrajson
|
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-44660
|
2026-06-3 03:00 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
56
|
7.8 |
HIGH
Local
|
cnighswonger
|
claude-code-cache-fix
|
claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directl…
Update
|
CWE-78
CWE-94
OS Command
Code Injection
|
CVE-2026-45136
|
2026-06-3 02:57 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
57
|
7.8 |
HIGH
Local
|
-
|
-
|
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admi…
New
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-40619
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
58
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Appsmith’s SQL query editor’s autocomplete functionality fails to sanitize database object names before rendering them in innerHTML, allowing an authenticated Developer to inject persistent XSS by a …
New
|
-
|
CVE-2026-7299
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
59
|
3.1 |
LOW
Network
|
-
|
-
|
HCL iReflection Third party vulnerable and outdated components issue was detected in the web application
New
|
-
|
CVE-2024-42206
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
60
|
- |
|
-
|
-
|
SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ESP traffic), which allows an…
New
|
-
|
CVE-2026-10629
|
2026-06-3 02:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
