8.7

CVSS4.0

CVE-2026-41503 - BACnet Stack: Out-of-Bounds Read in ReadPropertyMultiple Property Decoder via Deprecated Tag Parser

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RPM …

📅 Published: April 24, 2026, 7:41 p.m. 🔄 Last Modified: April 24, 2026, 7:41 p.m.

7.1

CVSS4.0

CVE-2026-6967 - Missing Delegated Metadata Validation in awslabs/tough

Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users with delegated signing authority to bypass TUF specification integrity checks for delegated targets metadata and poison the local metadata cache,…

📅 Published: April 24, 2026, 7:41 p.m. 🔄 Last Modified: April 24, 2026, 7:49 p.m.

8.7

CVSS4.0

CVE-2026-41502 - BACnet Stack: Off-by-One Out-of-Bounds Read in ReadPropertyMultiple Object ID Decoder

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by sen…

📅 Published: April 24, 2026, 7:40 p.m. 🔄 Last Modified: April 24, 2026, 7:40 p.m.

8.7

CVSS4.0

CVE-2026-41475 - BACnet Stack: Out-of-Bounds Read in WritePropertyMultiple Decoder via Deprecated Tag Parser

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending a truncated WPM…

📅 Published: April 24, 2026, 7:39 p.m. 🔄 Last Modified: April 24, 2026, 7:39 p.m.

7

CVSS4.0

CVE-2026-6966 - Signature Threshold Bypass in awslabs/tough Delegated Roles

Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a valid signature, causing the client to accept forged delegated role met…

📅 Published: April 24, 2026, 7:38 p.m. 🔄 Last Modified: April 24, 2026, 7:48 p.m.

8.4

CVSS3.1

CVE-2026-41433 - OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file over…

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is r…

📅 Published: April 24, 2026, 7:26 p.m. 🔄 Last Modified: April 24, 2026, 7:26 p.m.

7.1

CVSS4.0

CVE-2026-41427 - Better Auth OAuth 2.1 Provider: Unprivileged users can register OAuth clients

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.5, the clientPrivileges option documents a create action, but the OAuth client creation endpoints did not invoke the hook before persisting new clients. Deployments that configured clientPrivileges to restrict c…

📅 Published: April 24, 2026, 7:23 p.m. 🔄 Last Modified: April 24, 2026, 7:23 p.m.

8.8

CVSS3.1

CVE-2026-41429 - Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin(...), the device listens on UDP…

📅 Published: April 24, 2026, 7:19 p.m. 🔄 Last Modified: April 24, 2026, 7:19 p.m.

9.1

CVSS3.1

CVE-2026-41428 - Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated A…

Budibase is an open-source low-code platform. Prior to 3.35.4, the authenticated middleware uses unanchored regular expressions to match public (no-auth) endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint …

📅 Published: April 24, 2026, 7:17 p.m. 🔄 Last Modified: April 24, 2026, 7:17 p.m.

6.1

CVSS3.1

CVE-2026-41426 - pretalx: Email injection via unescaped user-controlled placeholders in pretalx mail templates

pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malformed HTML or markdown link syntax in a user-controlled template placeholder such as the account display…

📅 Published: April 24, 2026, 7:15 p.m. 🔄 Last Modified: April 24, 2026, 7:15 p.m.