7.1

CVSS4.0

CVE-2026-42226 - n8n: Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key Replay

n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supply…

📅 Published: May 4, 2026, 6:26 p.m. 🔄 Last Modified: May 6, 2026, 6:09 p.m.

7.5

CVSS3.1

CVE-2026-42154 - Prometheus: remote read endpoint allows denial of service via crafted snappy payload

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a sma…

📅 Published: May 4, 2026, 6:13 p.m. 🔄 Last Modified: May 4, 2026, 8:30 p.m.

7.5

CVSS3.1

CVE-2026-42151 - Prometheus Azure AD remote write OAuth client secret exposed via config API

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD remote write OAuth configuration (storage/remote/azuread) was typed as string instead of Secret. Prometheus redacts fields of type Secret when serving…

📅 Published: May 4, 2026, 6:12 p.m. 🔄 Last Modified: May 4, 2026, 8:30 p.m.

3.7

CVSS3.1

CVE-2026-43964 - Postfix Enhanced Status Code Buffer Over-read Crash

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.

📅 Published: May 4, 2026, 6:10 p.m. 🔄 Last Modified: May 4, 2026, 11:16 p.m.

7.2

CVSS4.0

CVE-2026-29004 - BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_S…

📅 Published: May 4, 2026, 6:05 p.m. 🔄 Last Modified: May 6, 2026, 9:22 a.m.

8.8

CVSS3.1

CVE-2026-0073 - Wireless ADB Mutual Auth Bypass Allows Remote Code Execution

In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privileges needed. User interaction is not needed for e…

📅 Published: May 4, 2026, 6 p.m. 🔄 Last Modified: May 5, 2026, 7:54 p.m.

5.5

CVSS3.1

CVE-2026-42146 - CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nb_colors value triggers an out-of-mem…

📅 Published: May 4, 2026, 5:53 p.m. 🔄 Last Modified: May 6, 2026, 1:44 p.m.

6.1

CVSS3.1

CVE-2026-42144 - CImg Library: Integer overflow in PNM size check bypasses memory guard (_load_pnm)

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap ar…

📅 Published: May 4, 2026, 5:51 p.m. 🔄 Last Modified: May 5, 2026, 2:14 p.m.

5.3

CVSS3.1

CVE-2026-41572 - Note Mark: Unauthenticated read of notes and assets in soft-deleted public books

Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/notes/{id}/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note…

📅 Published: May 4, 2026, 5:44 p.m. 🔄 Last Modified: May 4, 2026, 8:30 p.m.

9.4

CVSS3.1

CVE-2026-41571 - Note Mark: OIDC-registered users authenticated by submitting password "null"

Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt("null") placeholder whenever a user has no stored password. OIDC-registered users are created with an empty password, so anyone who submits password: "nu…

📅 Published: May 4, 2026, 5:42 p.m. 🔄 Last Modified: May 4, 2026, 8:20 p.m.
Total results: 349182