6.6
CVE-2026-40450 - Integer Overflow Causing Memory Corruption in Samsung ONE Tensor Copy
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0.
6.6
CVE-2026-40449 - Integer Overflow in Buffer Size Calculation Causing Out‑of‑Bounds Memory Access in Samsung ONE
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0.
5.3
CVE-2026-40448 -
Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected version is prior to commit  1.30.0.
7.5
CVE-2026-22754 - ervlet Path Not Correctly Included in Path Matching of XML Authorization Rules
Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not exercised. This can lea…
7.5
CVE-2026-22753 - Servlet Path Not Correctly Included in Path Matching of HttpSecurity#securityMatchers
Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may fail and its related security components will not be exercised as intended by the applicati…
5.3
CVE-2026-22748 - Potential Security Misconfiguration when Using withIssuerLocation
Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator<Jwt> separately, for example by calling setJwtValidator.This issue affects Spring Security: from 6.3.0 through 6.3.14, f…
6.8
CVE-2026-22747 - Unauthorized User Impersonation when Using X.509 Client Certificates
Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Th…
3.7
CVE-2026-22746 - User Attribute Enumeration when Using DaoAuthenticationProvider
Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, …
5.1
CVE-2026-40451 - Cross‑Site Scripting in DeepL Chrome Extension Enables Arbitrary Script Execution
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user.
5.1
CVE-2026-6835 - aEnrich|a+HCM - Arbitrary File Upload
The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result in a XSS-like effect.