|
1111
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels
seg6_input_core() and rpl_input() call ip6_route_input() which sets a
NORE…
New
|
-
|
CVE-2026-46099
|
2026-05-27 23:48 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1112
|
8.7 |
HIGH
Network
|
twenty
|
twenty
|
Twenty is an open source CRM. In 1.18.0 and earlier, the file serving endpoints in Twenty CRM at /files/* and /file/:fileFolder/:id serve uploaded files using fileStream.pipe(res) without setting any…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-44729
|
2026-05-27 23:45 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1113
|
9.9 |
CRITICAL
Network
|
twenty
|
twenty
|
Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. I…
New
|
CWE-78
CWE-89
OS Command
SQL Injection
|
CVE-2026-46624
|
2026-05-27 23:45 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1114
|
5.5 |
MEDIUM
Local
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' (src/fastnetmon.cpp l…
New
|
CWE-59
Link Following
|
CVE-2026-48693
|
2026-05-27 23:42 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1115
|
7.1 |
HIGH
Local
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packet_storage.hpp, the allocate_buffer() function computes memor…
New
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-48690
|
2026-05-27 23:34 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1116
|
6.5 |
MEDIUM
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In process_netflow_v9_options_template() (src/netflow_plugin/netflow_v9_collector.…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48684
|
2026-05-27 23:26 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1117
|
6.5 |
MEDIUM
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp_protocol.hpp, the parse_raw_…
New
|
CWE-130
Improper Handling of Length Parameter Inconsistency
|
CVE-2026-48685
|
2026-05-27 23:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1118
|
9.8 |
CRITICAL
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() …
New
|
CWE-120
CWE-787
Classic Buffer Overflow
Out-of-bounds Write
|
CVE-2026-48686
|
2026-05-27 23:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1119
|
7.4 |
HIGH
Local
|
-
|
-
|
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer with…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-49014
|
2026-05-27 23:17 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1120
|
7.3 |
HIGH
Local
|
-
|
-
|
smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocati…
New
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-44983
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
