7.8
CVE-2026-32282 - TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to aβ¦
8.4
CVE-2026-4788 - Multiple Vulnerabilities affect IBM Tivoli Netcool Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.
8.8
CVE-2026-3357 - IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component.
9.3
CVE-2026-1346 - Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Acceβ¦
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate their privileges to roβ¦
7.2
CVE-2026-1343 - Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Acceβ¦
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows an attacker to contact internal authentication endpoints which are pβ¦
7.5
CVE-2025-50650 - Buffer Overflow in DβLink DIβ8003 Router
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routes_static parameter in the /router.asp endpoint.
7.5
CVE-2025-50648 - Buffer Overflow in D-Link DIβ8003 /tggl.asp Endpoint
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validation in the /tggl.asp endpoint.
7.5
CVE-2025-50647 - Buffer Overflow in DβLink DIβ8003 WANS Parameter Leading to Potential Remote Code Execution
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint.
7.5
CVE-2025-50652 - Unauthorized Configuration via /saveparm_usb ASP id Handling on DβLink DIβ8003
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint.
7.5
CVE-2025-45059 - Denial of Service via Buffer Overflow in D-Link DI-8300 Firmware
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.