Aggregator

CVE-2026-3893 | Carlson VASCO-B GNSS Receiver up to 1.3.x missing authentication

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability categorized as critical has been discovered in Carlson VASCO-B GNSS Receiver up to 1.3.x. The impacted element is an unknown function. Executing a manipulation can lead to missing authentication. The identification of this vulnerability is CVE-2026-3893. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-41375 | OpenClaw up to 2026.3.27 /phone authorization (GHSA-h2v7-xc88-xx8c)

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability was found in OpenClaw up to 2026.3.27. It has been classified as problematic. This issue affects some unknown processing of the file /phone. This manipulation causes incorrect authorization. This vulnerability is handled as CVE-2026-41375. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-41374 | OpenClaw up to 2026.3.30 Discord Audio Preflight Transcription amplification (GHSA-hhff-fj5f-qg48)

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability, which was classified as problematic, was found in OpenClaw up to 2026.3.30. Affected by this issue is some unknown functionality of the component Discord Audio Preflight Transcription. Executing a manipulation can lead to incorrect behavior order: early amplification. This vulnerability appears as CVE-2026-41374. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.
vuldb.com

MNT6

Dark Feed IO
1 month 3 weeks ago

You must login to view this content

cohenido

MNT6

Dark Feed IO
1 month 3 weeks ago

You must login to view this content

cohenido

CVE-2025-41658

CVE Trends
1 month 3 weeks ago
Currently trending CVE - Hype Score: 7 - CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions.

CVE-2025-41659

CVE Trends
1 month 3 weeks ago
Currently trending CVE - Hype Score: 7 - A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only ...

CVE-2024-7399

CVE Trends
1 month 3 weeks ago
Currently trending CVE - Hype Score: 8 - Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

CVE-2026-5794 | Ercom Cryptobox up to 4.37.x/4.40.175 multiple resources with duplicate identifier

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability classified as problematic was found in Ercom Cryptobox up to 4.37.x/4.40.175. Affected is an unknown function. Such manipulation leads to use of multiple resources with duplicate identifier. This vulnerability is documented as CVE-2026-5794. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-6238 | GNU C Library up to 2.33 DNS Response ns_printrrf/ns_printrr/fp_nquery buffer over-read

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability classified as problematic has been found in GNU C Library up to 2.33. This impacts the function ns_printrrf/ns_printrr/fp_nquery of the component DNS Response Handler. This manipulation causes buffer over-read. This vulnerability is registered as CVE-2026-6238. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad