cyber
·
news
News
Deep Dives
Settings
Sign in
1913 items
Unread (2160)
All
Dismissed
All
Critical
High
Supply Chain
Ransomware
Breaches
Zero-Day
CVEs
MEDIUM
CVE-2026-40446 (CVSS 6.9) — Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source E...
NVD
CVE-2026-40446
55d ago
MEDIUM
CVE-2026-25204 (CVSS 6.2) — Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows d...
NVD
CVE-2026-25204
55d ago
HIGH
CVE-2026-32146 (CVSS 7.8) — Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows a...
NVD
CVE-2026-32146
56d ago
HIGH
CVE-2026-40180 (CVSS 7.5) — Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs gen...
NVD
CVE-2026-40180
57d ago
CRITICAL
CVE-2026-6068 (CVSS 9.6) — NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling ...
NVD
CVE-2026-6068
57d ago
HIGH
CVE-2021-47961 (CVSS 8.1) — A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows ...
NVD
CVE-2021-47961
57d ago
MEDIUM
CVE-2026-5525 (CVSS 6) — A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handl...
NVD
CVE-2026-5525
58d ago
CRITICAL
CVE-2026-5194 (CVSS 9.1) — Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA cert...
NVD
CVE-2026-5194
58d ago
HIGH
CVE-2026-40072 (CVSS 7.2) — web3.py allows you to interact with the Ethereum blockchain using Python. From 6.0.0b3 to before 7.1...
NVD
CVE-2026-40072
58d ago
MEDIUM
CVE-2026-4878 (CVSS 6.7) — A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TO...
NVD
CVE-2026-4878
58d ago
CRITICAL
CVE-2025-62718 (CVSS 9.9) — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios ...
NVD
CVE-2025-62718
58d ago
HIGH
CVE-2026-5883 (CVSS 8.8) — Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute...
NVD
CVE-2026-5883
59d ago
HIGH
CVE-2026-32590 (CVSS 7.1) — A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload p...
NVD
CVE-2026-32590
59d ago
MEDIUM
CVE-2026-4837 (CVSS 6.6) — An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions cou...
NVD
CVE-2026-4837
59d ago
MEDIUM
CVE-2026-4931 (CVSS 6.8) — Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt posit...
NVD
CVE-2026-4931
60d ago
HIGH
CVE-2026-34769 (CVSS 7.7) — Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and C...
NVD
CVE-2026-34769
64d ago
HIGH
CVE-2026-31399 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use a...
NVD
CVE-2026-31399
64d ago
HIGH
CVE-2026-31395 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix OOB access in DBG_...
NVD
CVE-2026-31395
64d ago
HIGH
CVE-2026-23454 (CVSS 7) — In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free i...
NVD
CVE-2026-23454
64d ago
HIGH
CVE-2026-23448 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc_ncm: add ndpoffse...
NVD
CVE-2026-23448
64d ago
HIGH
CVE-2026-5463 (CVSS 8.6) — Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through version...
NVD
CVE-2026-5463
65d ago
HIGH
CVE-2026-35535 (CVSS 7.4) — In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a ...
NVD
CVE-2026-35535
65d ago
HIGH
CVE-2025-15620 (CVSS 8.6) — HiOS Switch Platform versions 09.1.00 through 09.4.04 and 10.0.00 through 10.3.00 contain a denial-o...
NVD
CVE-2025-15620
65d ago
HIGH
CVE-2026-32145 (CVSS 0) — Allocation of Resources Without Limits or Throttling vulnerability in gleam-wisp wisp allows a denia...
NVD
CVE-2026-32145
65d ago
MEDIUM
CVE-2026-34531 (CVSS 6.5) — Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to versi...
NVD
CVE-2026-34531
66d ago
HIGH
CVE-2026-34072 (CVSS 8.3) — Cr*nMaster (cronmaster) is a Cronjob management UI with human readable syntax, live logging and log ...
NVD
CVE-2026-34072
66d ago
MEDIUM
CVE-2026-5119 (CVSS 5.9) — A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensit...
NVD
CVE-2026-5119
69d ago
CRITICAL
CVE-2026-33728 (CVSS 9.8) — dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to...
NVD
CVE-2026-33728
72d ago
HIGH
CVE-2026-34352 (CVSS 8.5) — In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the ...
NVD
CVE-2026-34352
72d ago
MEDIUM
CVE-2026-2100 (CVSS 5.3) — A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_Der...
NVD
CVE-2026-2100
72d ago
HIGH
CVE-2026-0966 (CVSS 8.2) — A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service w...
NVD
CVE-2026-0966
72d ago
CRITICAL
CVE-2026-26213 (CVSS 9.8) — thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os comm...
NVD
CVE-2026-26213
72d ago
HIGH
CVE-2026-32846 (CVSS 7.5) — OpenClaw before 2026.3.28 contains a path traversal vulnerability in media parsing that allows attac...
NVD
CVE-2026-32846
72d ago
MEDIUM
CVE-2026-4887 (CVSS 6.1) — A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an of...
NVD
CVE-2026-4887
72d ago
HIGH
CVE-2026-3104 (CVSS 7.5) — A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying ...
NVD
CVE-2026-3104
73d ago
HIGH
CVE-2026-23327 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size...
NVD
CVE-2026-23327
73d ago
HIGH
CVE-2026-23305 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in ...
NVD
CVE-2026-23305
73d ago
HIGH
CVE-2026-23281 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-f...
NVD
CVE-2026-23281
73d ago
CRITICAL
CVE-2026-4698 (CVSS 9.8) — JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox ...
NVD
CVE-2026-4698
74d ago
HIGH
CVE-2019-25634 (CVSS 8.4) — Base64 Decoder 1.1.2 contains a stack-based buffer overflow vulnerability that allows local attacker...
NVD
CVE-2019-25634
74d ago
INFO
CVE-2026-32067 (CVSS 3.7) — OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability in the pairing-st...
NVD
CVE-2026-32067
78d ago
CRITICAL
CVE-2026-33017 (CVSS 9.8) — Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to ...
NVD
CVE-2026-33017
CVE-2025-3248
79d ago
HIGH
CVE-2026-4342 (CVSS 8.8) — A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be u...
NVD
CVE-2026-4342
79d ago
HIGH
CVE-2025-69720 (CVSS 7.3) — The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in an...
NVD
CVE-2025-69720
79d ago
HIGH
CVE-2026-23262 (CVSS 0) — In the Linux kernel, the following vulnerability has been resolved: gve: Fix stats report corruptio...
NVD
CVE-2026-23262
80d ago
HIGH
CVE-2026-23244 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in ...
NVD
CVE-2026-23244
80d ago
MEDIUM
CVE-2026-4271 (CVSS 5.3) — A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Us...
NVD
CVE-2026-4271
81d ago
CRITICAL
CVE-2026-4312 (CVSS 9.8) — GCB/FCB Audit Software developed by DrangSoft has a Missing Authentication vulnerability, allowing u...
NVD
CVE-2026-4312
82d ago
HIGH
CVE-2026-4224 (CVSS 7.5) — When an Expat parser with a registered ElementDeclHandler parses an inline document type definition ...
NVD
CVE-2026-4224
82d ago
HIGH
CVE-2026-3644 (CVSS 7.5) — The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete....
NVD
CVE-2026-3644
CVE-2026-0672
82d ago
Prev
Page 31 / 39
Next
MEDIUM
NVD
Mon, 13 Apr 2026 05:16:04 UTC
✕ Dismiss
CVE-2026-40446 (CVSS 6.9) — Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source E...
https://nvd.nist.gov/vuln/detail/CVE-2026-40446
TL;DR
Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-40446
Read full story ↗