•about 2 hours ago•CVE-2026-2332
7.4CVE-2026-2332: HTTP Request Smuggling in Eclipse Jetty via Chunked Extension Quoted-String Parsing
Eclipse Jetty's HTTP/1.1 parser contains a state-machine flaw when handling chunked transfer encoding extensions, leading to critical HTTP Request Smuggling via "Funky Chunks" techniques.
2 views•5 min read
•about 3 hours ago•GHSA-2X79-GWQ3-VXXM
8.7GHSA-2x79-gwq3-vxxm: Infinite Loop Denial of Service in facil.io and iodine JSON Parser
An uncontrolled resource consumption vulnerability in the facil.io C framework and the iodine Ruby gem allows remote attackers to cause a Denial of Service (DoS). The vulnerability is triggered by parsing crafted JSON payloads containing malformed numeral values, resulting in an infinite loop that exhausts CPU resources.
3 views•6 min read
•about 4 hours ago•CVE-2023-2640
7.8CVE-2023-2640: Local Privilege Escalation in Ubuntu Kernel OverlayFS (GameOver(lay))
CVE-2023-2640 is a high-severity local privilege escalation vulnerability located in the OverlayFS implementation of specific Ubuntu Linux kernels. The flaw exists due to an unsafe interaction between an Ubuntu-specific kernel patch and an upstream kernel modification, which effectively bypasses Virtual File System (VFS) permission checks for extended attributes. An unprivileged local attacker can exploit this condition to assign root-level capabilities to arbitrary executables, achieving full system compromise.
4 views•7 min read
•about 5 hours ago•GHSA-G4VJ-CJJJ-V7HG
3.3GHSA-G4VJ-CJJJ-V7HG: Defense in Depth Update for NuGet Client Handling Resource Consumption and Log Disclosure
Microsoft issued a defense-in-depth security update for the NuGet Client and NuGet.CommandLine tools. The update addresses internal architectural weaknesses related to uncontrolled resource consumption (CWE-400) and the potential insertion of sensitive information into diagnostic log files (CWE-532). While classified as low severity without active exploitation, the update provides critical hardening for Continuous Integration (CI) and local development environments.
3 views•6 min read
•about 11 hours ago•CVE-2026-34621
8.6CVE-2026-34621: Prototype Pollution to Arbitrary Code Execution in Adobe Acrobat EScript Engine
CVE-2026-34621 is a critical Prototype Pollution vulnerability in the Adobe Acrobat and Reader EScript engine. The flaw allows attackers to bypass JavaScript trust boundaries and execute arbitrary code or read sensitive local files. Attackers have actively exploited this vulnerability in targeted campaigns since December 2025.
4 views•6 min read
•about 21 hours ago•CVE-2026-34457
9.1CVE-2026-34457: Authentication Bypass via User-Agent Spoofing in OAuth2 Proxy
OAuth2 Proxy versions prior to 7.15.2 are vulnerable to a critical authentication bypass (CWE-290) when configured with User-Agent-based health checks in an auth_request architecture. An unauthenticated remote attacker can spoof the health check User-Agent header to bypass authorization checks entirely, gaining access to protected upstream resources.
14 views•5 min read
•about 23 hours ago•CVE-2026-40310
5.5CVE-2026-40310: Heap-Based Out-of-Bounds Write in ImageMagick JP2 Encoder
CVE-2026-40310 is a heap-based out-of-bounds write vulnerability within the ImageMagick JPEG 2000 (JP2) encoder. The vulnerability is triggered when the application processes a user-supplied sampling factor of zero, leading to an incorrect mathematical calculation that undersizes a heap allocation. Subsequent write operations overwrite adjacent memory, primarily resulting in a denial-of-service condition via an application crash. The flaw affects ImageMagick versions prior to 7.1.2-19 and 6.9.13-44.
5 views•8 min read
•about 24 hours ago•CVE-2026-40312
6.2CVE-2026-40312: Off-by-One Heap Memory Corruption in ImageMagick MSL Decoder
ImageMagick versions prior to 7.1.2-19 contain an off-by-one vulnerability in the Magick Scripting Language (MSL) decoder. Processing a maliciously crafted MSL file triggers an out-of-bounds heap increment, leading to memory corruption and denial of service.
4 views•4 min read
•1 day ago•CVE-2026-40311
5.5CVE-2026-40311: Heap Use-After-Free in ImageMagick XMP Profile Parsing
CVE-2026-40311 is a medium-severity heap use-after-free (UAF) vulnerability located in ImageMagick's Extensible Metadata Platform (XMP) profile parser. The flaw occurs within the `GetXMPProperty` function due to improper memory lifecycle management when interacting with internal splay tree structures, leading to a denial-of-service condition when malformed images are processed.
3 views•7 min read
•1 day ago•CVE-2023-36424
7.8CVE-2023-36424: Windows Common Log File System (CLFS) Driver Elevation of Privilege
CVE-2023-36424 is an actively exploited Elevation of Privilege vulnerability in the Windows Common Log File System (CLFS) driver (`clfs.sys`). By exploiting an Out-of-Bounds Read flaw during the parsing of malformed Base Log Files (.blf), a low-privileged local attacker can leak sensitive kernel pointers, bypass KASLR, and ultimately elevate privileges to SYSTEM. The flaw affects nearly all supported versions of Windows and Windows Server.
7 views•7 min read
•1 day ago•CVE-2025-0520
9.4CVE-2025-0520: Unauthenticated Remote Code Execution via Unrestricted File Upload in ShowDoc
ShowDoc versions prior to 2.8.7 are vulnerable to a critical unrestricted file upload vulnerability due to an incorrect property configuration in the ThinkPHP file upload class. This allows unauthenticated attackers to upload arbitrary PHP web shells and achieve remote code execution.
5 views•6 min read
•1 day ago•GHSA-CMXV-58FP-FM3G
6.8GHSA-cmxv-58fp-fm3g: Cross-Domain Credential Leakage in AsyncHttpClient
AsyncHttpClient prior to version 3.0.9 is vulnerable to cross-domain credential leakage during HTTP redirects. The library incorrectly forwards Authorization headers and internal Realm objects to untrusted origins, potentially exposing sensitive tokens to unauthorized network actors.
3 views•5 min read