24h | 7d | 30d

Overview

  • Go standard library
  • os
  • os

08 Jul 2026
Published
08 Jul 2026
Updated

CVSS
Pending
EPSS
0.18%

KEV

Description

On Unix systems, opening a file in an os.Root improperly follows symlinks to locations outside of the Root when the final path component of the a path is a symbolic link and the path ends in /. For example, 'root.Open("symlink/")' will open "symlink" even when "symlink" is a symbolic link pointing outside of the root.

Statistics

  • 3 Posts
  • 9 Interactions

Last activity: 7 hours ago

Fediverse

Profile picture fallback
os: Root escape via symlink plus trailing slash (CVE-2026-39822) #golang

https://github.com/golang/go/issues/79005
  • 3
  • 3
  • 0
  • 11h ago

Bluesky

Profile picture fallback
os: Root escape via symlink plus trailing slash (CVE-2026-39822) #golang github.com -> Original->
  • 0
  • 2
  • 0
  • 11h ago
Profile picture fallback
🔍 Lambda Watchdog detected that CVE-2026-39822 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/593 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 1
  • 0
  • 7h ago

Overview

  • Microsoft
  • Windows 10 Version 1607

09 Jun 2026
Published
08 Jul 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
21.51%

KEV

Description

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.

Statistics

  • 3 Posts

Last activity: 3 hours ago

Fediverse

Profile picture fallback
[RSS] CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys

https://www.thezdi.com/blog/2026/7/9/cve-2026-47291-remote-code-execution-in-the-windows-httpsys
  • 0
  • 0
  • 0
  • 12h ago

Bluesky

Profile picture fallback
[RSS] CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys www.thezdi.com -> Original->
  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback
CVE-2026-47291: Windows Critical Unauthenticated Remote Code Execution in HTTP.sys
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Microsoft
  • Microsoft Edge (Chromium-based)

11 Jul 2026
Published
12 Jul 2026
Updated

CVSS v3.1
HIGH (8.3)
EPSS
0.70%

KEV

Description

Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Statistics

  • 3 Posts

Last activity: 2 hours ago

Fediverse

Profile picture fallback

A new vulnerability with increased severity was disclosed for Microsoft Edge (CVE-2026-58281) vuldb.com/vuln/377832

  • 0
  • 0
  • 0
  • 22h ago
Profile picture fallback

HIGH severity CVE-2026-58281 in Microsoft Edge (Chromium-based) v1.0.0.0 lets attackers execute code remotely via deserialization of untrusted data. Patch from Microsoft is available. Full details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 15h ago
Profile picture fallback

It is possible to see elevated activities targeting Microsoft Edge (CVE-2026-58281) vuldb.com/vuln/377832/cti

  • 0
  • 0
  • 0
  • 2h ago

Overview

  • TRENDnet
  • TEW-821DAP

12 Jul 2026
Published
12 Jul 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.42%

KEV

Description

A vulnerability was detected in TRENDnet TEW-821DAP 1.12B01. The affected element is the function sub_41EC14 of the file /goform/tools_nslookup of the component ssi. The manipulation results in buffer overflow. It is possible to launch the attack remotely. The vendor explains: "We are unable to confirm the existence of the vulnerabilities for (...) TEW-821DAP (v1.0R) as these items have been EOL. " This vulnerability only affects products that are no longer supported by the maintainer.

Statistics

  • 2 Posts

Last activity: 2 hours ago

Fediverse

Profile picture fallback

CVE-2026-15484: HIGH-severity buffer overflow (CVSS 8.7) in TRENDnet TEW-821DAP v1.12B01 — remote code execution possible. Device is EOL; no patch. Mitigate by isolating or replacing affected units. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback

CVE-2026-15484 - Critical buffer overflow in TRENDnet TEW-821DAP (EOL). Remote exploitation via /goform/tools_nslookup. CVSS 8.8. Product is unpatched and end-of-life. Replace immediately. #CVE #TRENDnet #infosec

valtersit.com/cve/CVE-2026-154

  • 0
  • 0
  • 0
  • 2h ago

Overview

  • OpenBSD
  • OpenBSD

25 Jun 2026
Published
26 Jun 2026
Updated

CVSS v3.1
HIGH (7.4)
EPSS
0.12%

KEV

Description

sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: Last hour

Fediverse

Profile picture fallback

⚠️ sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

nvd.nist.gov/vuln/detail/cve-2

#openbsd #bsd #cve #cve202657589 #cybersecurity

  • 2
  • 0
  • 1
  • Last hour

Overview

  • Go standard library
  • crypto/tls
  • crypto/tls

08 Jul 2026
Published
08 Jul 2026
Updated

CVSS
Pending
EPSS
0.42%

KEV

Description

Handshakes which used Encrypted Client Hello could be de-anonymized by a passive network observer due to a disclosure of pre-shared key identities in the unencrypted client hello.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 7 hours ago

Bluesky

Profile picture fallback
🔍 Lambda Watchdog detected that CVE-2026-42505 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/594 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 1
  • 0
  • 7h ago

Overview

  • Linux
  • Linux

22 Apr 2026
Published
01 Jul 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
96.27%

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Statistics

  • 1 Post

Last activity: 4 hours ago

Bluesky

Profile picture fallback
🐧 ¿Cómo funciona 'Copy Fail'? El exploit de 732 bytes que otorga acceso Root en Linux (CVE-2026-31431) (+MITIGACIÓN) www.newstecnicas.com/2026/04/copy...
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • BeyondTrust
  • Remote Support

06 Jul 2026
Published
07 Jul 2026
Updated

CVSS v4.0
CRITICAL (9.2)
EPSS
0.42%

KEV

Description

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

Profile picture fallback

Deep dive into CVE-2026-40138! Discover how this critical pre-authentication bypass vulnerability impacts BeyondTrust RS & PRA solutions, how the exploit works under the hood, and immediate remediation steps to secure your enterprise.

👉 denizhalil.com/2026/07/10/cve-

#CVE202640138 #BeyondTrust #CyberSecurity

  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

Profile picture fallback

A severe vulnerability was disclosed for Tenda CH22 (CVE-2026-15543) vuldb.com/vuln/377893

  • 0
  • 0
  • 0
  • 1h ago

Overview

  • TRENDnet
  • TEW-821DAP

12 Jul 2026
Published
12 Jul 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.42%

KEV

Description

A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function sub_41EC14 of the file /goform/tools_nslookup of the component ssi. The manipulation of the argument nslookup_target leads to buffer overflow. It is possible to initiate the attack remotely. The vendor explains: "We are unable to confirm the existence of the vulnerabilities for (...) TEW-821DAP (v1.0R) as these items have been EOL. " This vulnerability only affects products that are no longer supported by the maintainer.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

CVE-2026-15483: HIGH (CVSS 8.7) buffer overflow in TRENDnet TEW-821DAP 1.12B01. Remote exploitation possible via /goform/tools_nslookup. No patch — device is EOL. Upgrade or replace to secure your network. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 10h ago
Showing 1 to 10 of 34 CVEs