5.2
CVE-2026-32707 - PX4 autopilot has a stack buffer overflow in tattu_can due to unbounded memcpy in frame assembly loβ¦
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, tattu_can contains an unbounded memcpy in its multi-frame assembly loop, allowing stack memory overwrite when crafted CAN frames are processed. In deployments where tattu_can is enabled and running, a CAN-injection-capable β¦
7.1
CVE-2026-32706 - PX4 autopilot has a global buffer overflow in crsf_rc via oversized variable-length known packet
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, The crsf_rc parser accepts an oversized variable-length known packet and copies it into a fixed 64-byte global buffer without a bounds check. In deployments where crsf_rc is enabled on a CRSF serial port, an adjacent/raw-seβ¦
6.8
CVE-2026-32705 - PX4 autopilot BST Device Name Length Can Overflow Driver Buffer
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized dev_name_len, causing a stack overflow in the driver and crashing the task (orβ¦
8.2
CVE-2026-32616 - Pigeon has a Host Header Injection in email verification flow
Pigeon is a message board/notepad/social system/blog. Prior to 1.0.201, the application uses $_SERVER['HTTP_HOST'] without validation to construct email verification URLs in the register and resendmail flows. An attacker can manipulate the Host header in the HTTP request, causing the verification lβ¦
6.5
CVE-2026-32704 - SiYuan renderSprig: missing admin check allows any user to read full workspace DB
SiYuan is a personal knowledge management system. Prior to 3.6.1, POST /api/template/renderSprig lacks model.CheckAdminRole, allowing any authenticated user to execute arbitrary SQL queries against the SiYuan workspace database and exfiltrate all note content, metadata, and custom attributes. This β¦
7.1
CVE-2026-26133 - M365 Copilot Information Disclosure Vulnerability
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
6.9
CVE-2026-32702 - Cleanuparr has Username Enumeration via Timing Attack
Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. From 2.7.0 to 2.8.0, the /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuβ¦
8.7
CVE-2026-32640 - (SimpleEval) Objects (including modules) can leak dangerous modules through to direct access insideβ¦
SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects (including modules) can leak dangerous modules through to direct access inside the sandbox. If the objects you've passed in as names to SimpleEval have modules or other disallowed / dangerous obβ¦
3.4
CVE-2026-32772 - Information Disclosure via NEW_ENVIRON in GNU Inetutils Telnet
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.
8.6
CVE-2026-32635 - Angular has XSS in i18n attribute bindings
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.3, 21.2.4, 20.3.18, and 19.2.20, a Cross-Site Scripting (XSS) vulnerability has been identified in the Angular runtime and compiler. It occurs wheβ¦