9.2
CVE-2026-1803 - Ziroom ZHOME A0101 Dropbear SSH Service default credentials
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitability is β¦
7.8
CVE-2026-24149 - Code Injection Vulnerability in NVIDIA Megatron-LM Leading to Code Execution
NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering.
1.7
CVE-2025-64438 - Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory (OOM) denial-of-service exists in Fast -DDS when processing RTPS GAP submessages under RELIABLE Qoβ¦
1.7
CVE-2025-64098 - FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is eβ¦
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory (OOβ¦
7.2
CVE-2025-62799 - FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE)
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un authenticated sender can transmit a single malformed RTPS Dβ¦
1.7
CVE-2025-62603 - FastDDS has Out-of-memory while parsing GenericMessage when DDS Security is enabled
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after the handshake, such asβ¦
4.7
CVE-2026-25616 - Blesta Input Validation XSS Vulnerability
Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665.
1.7
CVE-2025-62602 - FastDDS has heap buffer overflow in readData via Manipulated DATA Submessage when DDS Security is eβ¦
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflβ¦
7.2
CVE-2026-25615 - Object Injection Vulnerability in Blesta Versions 3.x to 5.x Before 5.13.3
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668.
7.5
CVE-2026-25614 - Object Injection in Blesta 3.xβ5.x Allowing Remote Code Execution
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680.