6.8
CVE-2026-4931 - CVE-2026-4931
Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost.
8.8
CVE-2026-35521 - Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.hosts Newline Injection
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DHCP hosts configuration parameter (dhcp.hosts). This vulnerability allows an authentβ¦
8.3
CVE-2026-33816 - CVE-2026-33816 in github.com/jackc/pgx
Memory-safety vulnerability in github.com/jackc/pgx/v5.
8.3
CVE-2026-33815 - CVE-2026-33815 in github.com/jackc/pgx
Memory-safety vulnerability in github.com/jackc/pgx/v5.
8.8
CVE-2026-35520 - Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DHCP lease time configuration parameter (dhcp.leaseTime). This vulnerability allows aβ¦
8.8
CVE-2026-35519 - Pi-hole FTL affected by Remote Code Execution (RCE) via dns.hostRecord Newline Injection
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter (dns.hostRecord). This vulnerability allows aβ¦
6
CVE-2026-1079 - A native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versionsβ¦
A native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigatβ¦
8.8
CVE-2026-35518 - Pi-hole FTL affected by Remote Code Execution (RCE) via dns.cnameRecords Newline Injection
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS CNAME records configuration parameter (dns.cnameRecords). This vulnerability alloβ¦
8.8
CVE-2026-35517 - Pi-hole FTL affected by Remote Code Execution (RCE) via dns.upstreams Newline Injection
FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the upstream DNS servers configuration parameter (dns.upstreams). This vulnerability alloβ¦
5
CVE-2026-35516 - LinkAce has SSRF via CheckLinksCommand - Link URL Update Bypasses laravel-html-meta Protection
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by creating a link with a publβ¦