Skip to content

Menu
  • Home
Menu

CVE-2026-40075 – OpenMRS Core arbitrary file read via path traversal in ModuleResourcesServlet

Posted on May 6, 2026

CVE ID :CVE-2026-40075 Published : May 5, 2026, 10:16 p.m. | 2 hours, 4 minutes ago Description :OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and…

CVE-2026-39852 – Quarkus authorization bypass via semicolon path normalization inconsistency

Posted on May 6, 2026

CVE ID :CVE-2026-39852 Published : May 5, 2026, 9:16 p.m. | 3 hours, 4 minutes ago Description :Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1,…

CVE-2026-39849 – Pi-hole FTL remote code execution via newline injection in dns.interface configuration

Posted on May 6, 2026

CVE ID :CVE-2026-39849 Published : May 5, 2026, 9:16 p.m. | 3 hours, 4 minutes ago Description :Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before…

CVE-2026-35579 – CoreDNS TSIG authentication bypass on gRPC, QUIC, DoH, and DoH3 transports

Posted on May 6, 2026

CVE ID :CVE-2026-35579 Published : May 5, 2026, 9:16 p.m. | 3 hours, 4 minutes ago Description :CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH,…

CVE-2026-7857 – D-Link DI-8100 CGI user_group.asp sprintf buffer overflow

Posted on May 6, 2026

CVE ID :CVE-2026-7857 Published : May 5, 2026, 8:16 p.m. | 4 hours, 4 minutes ago Description :A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the…

CVE-2026-7791 – Amazon WorkSpaces for Windows Skylight Workspace Config Service Privilege Escalation

Posted on May 5, 2026

CVE ID :CVE-2026-7791 Published : May 4, 2026, 10:16 p.m. | 2 hours, 4 minutes ago Description :Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces…

CVE-2026-42238 – Unauthenticated Remote Code Execution via Backup Restore in nginx-ui

Posted on May 5, 2026

CVE ID :CVE-2026-42238 Published : May 4, 2026, 9:16 p.m. | 3 hours, 4 minutes ago Description :Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, nginx-ui…

CVE-2026-42222 – nginx-ui: Unauthenticated first-boot instance claim via POST /api/install allows remote bootstrap takeover

Posted on May 5, 2026

CVE ID :CVE-2026-42222 Published : May 4, 2026, 9:16 p.m. | 3 hours, 4 minutes ago Description :Nginx UI is a web user interface for the Nginx web server. In version 2.3.5, an unauthenticated…

CVE-2026-42221 – nginx-ui: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim

Posted on May 5, 2026

CVE ID :CVE-2026-42221 Published : May 4, 2026, 9:16 p.m. | 3 hours, 4 minutes ago Description :Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before…

CVE-2026-41927 – WDR201A WiFi Extender Stack-Based Buffer Overflow via firewall.cgi

Posted on May 5, 2026

CVE ID :CVE-2026-41927 Published : May 4, 2026, 8:16 p.m. | 4 hours, 4 minutes ago Description :WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains a stack-based buffer overflow vulnerability in the firewall.cgi and…

Posts pagination

1 2 … 74 Next

Site map

  • About Us
  • Privacy Policy
  • Terms & Conditions of Use
©2026 | Design: Newspaperly WordPress Theme