8.6
CVE-2026-4627 - D-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command inโฆ
A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only aโฆ
10
CVE-2026-4746 - Heap Buffer Over-Write Vulenrabilty in timeplus-io/proton
Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/srcโ modules). This vulnerability is associated with program files inflate.C. This issue affects proton: before 1.6.16.
10
CVE-2026-4745 - Arbitrary Code Execution via Crafted Bytecode in dendibakh/perf-ninja
Improper Control of Generation of Code ('Code Injection') vulnerability in dendibakh perf-ninja (labs/misc/pgo/lua modules). This vulnerability is associated with program files ldo.C. This issue affects perf-ninja.
9.3
CVE-2026-4744 - Notepad3 Bundled Oniguruma compile_string_node() Heap Buffer Overflow via Crafted Regex Pattern Allโฆ
Out-of-bounds Read vulnerability in rizonesoft Notepad3 (โscintilla/oniguruma/src modules). This vulnerability is associated with program files regcomp.Cโ. This issue affects Notepad3: before 6.25.714.1.
5.2
CVE-2026-4743 - Null-Pointer Dereference Vulnerability in taurusxin/ncmdump
NULL Pointer Dereference vulnerability in taurusxin ncmdump (โsrc/utilsโ modules). This vulnerability is associated with program files cJSON.Cppโ. This issue affects ncmdump: before 1.4.0.
2.9
CVE-2026-4742 - HTTP Request Smuggling in visualfc/liteide
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in visualfc liteide (liteidex/src/3rdparty/qjsonrpc/src/http-parser modules). This vulnerability is associated with program files http_parser.C. This issue affects liteide: before x38.4.
8.6
CVE-2026-4741 - Path Traversal Vulnerability in TeamJCD/JoyConDroid
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TeamJCD JoyConDroid (app/src/main/java/com/rdapps/gamepad/util modules). This vulnerability is associated with program files UnzipUtil.Javaโ. This issue affects JoyConDroid: through 1.0.93.
9.4
CVE-2026-4739 - Integer overflow vulnerabilities in InsightSoftwareConsortium/ITK
Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (โModules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.
9.4
CVE-2026-4738 - GDAL Bundled zlib (inftree9.c) Pointer Offset Optimization Undefined Behavior Allows Heap Corruptioโฆ
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal (frmts/zlib/contrib/infback9 modules). This vulnerability is associated with program files inftree9.Cโ. This issue affects gdal: before 3.11.0.
7.3
CVE-2026-4737 - Use-After-Free Vulnerability in No-Chicken/Echo-Mate
Use After Free vulnerability in No-Chicken Echo-Mate (โSDK/rv1106-sdk/sysdrv/source/kernel/mm modules). This vulnerability is associated with program files rmap.Cโ. This issue affects Echo-Mate: before V250329.