Posts of last 24 hours
Submit #842603 / VDB-374554
https://vuldb.com/submit/842603
Submit #842602 / VDB-374552
https://vuldb.com/submit/842602
Submit #842595 / VDB-374552
https://vuldb.com/submit/842595
A vulnerability classified as critical has been found in zephyrproject zephyr up to 4.4.x. This issue affects the function uart_rx_enable of the file drivers/serial/uart_mchp_sercom_g1.c. Performing a manipulation results in an out-of-bounds write.
This vulnerability is cataloged as CVE-2026-10644. The attack must originate from the local network. There is no exploit available.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/374500
A vulnerability was found in Nmap up to 7.99. It has been classified as critical. Affected is an unknown function of the file libnetutil/netutil.cc. Performing a manipulation results in an integer underflow.
This vulnerability is known as CVE-2026-58058. The attack can be carried out remotely. Furthermore, an exploit is available.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/374506
A vulnerability classified as critical has been found in zephyrproject zephyr up to 4.4.x. The impacted element is the function getaddrinfo of the file subsys/net/lib/sockets/getaddrinfo.c. The manipulation of the argument ai_arr[] leads to a use after free.
This vulnerability is listed as CVE-2026-10646. The attack may be initiated remotely. There is no available exploit.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/374514
A vulnerability was found in skypilot-org skypilot up to 0.12.0. It has been declared as problematic. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in the use of a weak hash.
This vulnerability was named CVE-2026-13482. The attack may be performed remotely. In addition, an exploit is available.
The vendor was contacted early about this disclosure.
https://vuldb.com/vuln/374479
A vulnerability was found in arc53 DocsGPT up to 0.18.0. It has been rated as problematic. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity.
The identification of this vulnerability is CVE-2026-13483. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The pull request to fix this issue awaits acceptance.
https://vuldb.com/vuln/374480
A vulnerability described as problematic has been identified in zephyrproject zephyr up to 4.4.x. The affected element is the function unicast_client_ep_qos_state of the file subsys/bluetooth/audio/bap_unicast_client.c. Executing a manipulation can lead to a null pointer dereference.
This vulnerability is tracked as CVE-2026-10593. The attack is only possible within the local network. No exploit exists.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/374513
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.18.32/7.0.9. This affects the function xe_eu_stall_stream_close of the file /xe/eustall of the component drm. Such manipulation leads to a use after free.
This vulnerability is tracked as CVE-2026-53290. Access to the local network is required for this attack to succeed. There is no exploit available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/374355