|
41
|
4.4 |
MEDIUM
Network
|
envoyproxy
|
envoy
|
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySu…
New
|
CWE-158
Improper Neutralization of Null Byte or NUL Character
|
CVE-2026-47778
|
2026-06-30 03:49 |
2026-06-27 |
|
42
|
7.2 |
HIGH
Network
|
cacti
|
cacti
|
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php,…
New
|
CWE-89
SQL Injection
|
CVE-2026-40083
|
2026-06-30 03:48 |
2026-06-26 |
|
43
|
7.8 |
HIGH
Local
|
-
|
-
|
The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the mul…
New
|
CWE-416
Use After Free
|
CVE-2026-49412
|
2026-06-30 03:48 |
2026-06-27 |
|
44
|
7.1 |
HIGH
Local
|
-
|
-
|
The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the P_SUGID process flag. During execve(2), this flag is not yet set at the point where the auxiliary vector i…
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-49413
|
2026-06-30 03:48 |
2026-06-27 |
|
45
|
7.8 |
HIGH
Local
|
-
|
-
|
dsp_mmap_single() validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and length …
New
|
CWE-125, CWE-190, CWE-681, CWE-787
Out-of-bounds Read; Integer Overflow or Wraparound; Incorrect Conversion between Numeric Types; Out-of-bounds Write
|
CVE-2026-45258
|
2026-06-30 03:48 |
2026-06-27 |
|
46
|
6.5 |
MEDIUM
Local
|
-
|
-
|
sigqueue(2) was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kern_sigqueue did not include a capability mode check restricting signal de…
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-45259
|
2026-06-30 03:48 |
2026-06-27 |
|
47
|
7.0 |
HIGH
Local
|
-
|
-
|
Second, the audio buffer backing a mapping could be freed when the device was closed even though the mapping remained valid. The freed memory could then be reused elsewhere while still accessible th…
New
|
CWE-416
Use After Free
|
CVE-2026-49417
|
2026-06-30 03:48 |
2026-06-27 |
|
48
|
7.8 |
HIGH
Local
|
-
|
-
|
The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disabl…
New
|
CWE-179
Incorrect Behavior Order: Early Validation
|
CVE-2026-49414
|
2026-06-30 03:48 |
2026-06-27 |
|
49
|
- |
|
-
|
-
|
The CONS_HISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-49416
|
2026-06-30 03:48 |
2026-06-27 |
|
50
|
6.5 |
MEDIUM
Network
|
cacti
|
cacti
|
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report format_file Parameter, causing arbitrary file read. …
New
|
CWE-22
Path Traversal
|
CVE-2026-40084
|
2026-06-30 03:48 |
2026-06-26 |
|