|
1
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release
The atmel_hlcdc_plane_atomic_duplicate_state() callback was …
Update
|
CWE-416
Use After Free
|
CVE-2026-43236
|
2026-05-13 03:59 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
6.7 |
MEDIUM
Local
|
-
|
-
|
An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5…
New
|
CWE-78
OS Command
|
CVE-2025-53680
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
7.2 |
HIGH
Network
|
-
|
-
|
An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5,…
New
|
CWE-89
SQL Injection
|
CVE-2025-53681
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
8.8 |
HIGH
Network
|
-
|
-
|
A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via spe…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2025-53844
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
6.7 |
MEDIUM
Local
|
-
|
-
|
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versi…
New
|
CWE-78
OS Command
|
CVE-2025-53870
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions,…
New
|
CWE-676
Use of Potentially Dangerous Function
|
CVE-2025-67604
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
5.4 |
MEDIUM
Network
|
-
|
-
|
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions…
New
|
CWE-89
SQL Injection
|
CVE-2026-25088
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
4.3 |
MEDIUM
Network
|
-
|
-
|
An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2…
New
|
CWE-88
Argument Injection
|
CVE-2026-25690
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, Fort…
New
|
CWE-862
Missing Authorization
|
CVE-2026-26083
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attack…
New
|
CWE-284
Improper Access Control
|
CVE-2026-44277
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
