|
461
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
xfs: close crash window in attr dabtree inactivation
When inactivating an inode with node-format extended attributes,
xfs_attr3_n…
New
|
-
|
CVE-2026-43053
|
2026-05-2 00:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
462
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback
NETIF_F_IPV6_CSUM only advertises support for checksum offload o…
New
|
-
|
CVE-2026-43057
|
2026-05-2 00:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
463
|
6.5 |
MEDIUM
Network
|
wazuh
|
wazuh
|
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exis…
New
|
CWE-124
CWE-191
Buffer Underflow
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-41499
|
2026-05-1 22:01 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
464
|
9.8 |
CRITICAL
Network
|
arc53
|
docsgpt
|
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a …
Update
|
CWE-77
Command Injection
|
CVE-2026-26015
|
2026-05-1 21:56 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
465
|
7.5 |
HIGH
Network
|
postgresql
|
postgresql_jdbc_driver
|
pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during SCRAM-SHA-256 authentication. A maliciou…
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42198
|
2026-05-1 21:51 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
466
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers.
The bug may be exploitable by…
New
|
CWE-783
Operator Precedence Logic Error
|
CVE-2026-7270
|
2026-05-1 21:47 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
467
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic.
Remote attackers can craft packets which cause affec…
New
|
CWE-674
CWE-791
Uncontrolled Recursion
Incomplete Filtering of Special Elements
|
CVE-2026-7164
|
2026-05-1 21:46 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
468
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
When exchanging data over a socket, libnv uses select(2) to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select(2)'s file descriptor set size l…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-39457
|
2026-05-1 21:41 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
469
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.…
Update
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-7320
|
2026-05-1 21:32 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
470
|
7.3 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
Update
|
CWE-119
CWE-416
Incorrect Access of Indexable Resource ('Range Error')
Use After Free
|
CVE-2026-7322
|
2026-05-1 21:30 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
