New
CVE-2026-2391: qs's arrayLimit bypass in comma parsing allows denial of service: ### Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284)....
CVE-2026-25676: The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges.
CVE-2026-26235: JUNG Smart Visu Server 1.1.1050 - 'JUNG Smart Visu Server' Missing Authentication: JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or reboot the server. Attackers can send a single POST request to trigger the server reboot without requiring any authentication.
CVE-2026-26234: JUNG Smart Visu Server - Improper Neutralization of HTTP Headers for Scripting Syntax: JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, p...
CVE-2026-1537: LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details Exposure: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_step() function in all versions up to, and including, 5.2.6. This makes it possible for una...
Updated
CVE-2025-33030: Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data corruption. This result may potentially occur via local access when attack requirements are present without special internal knowledge and r...
CVE-2026-20700: A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individu...
CVE-2026-26158: Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries: A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can l...
CVE-2026-26157: Busybox: busybox: arbitrary file overwrite and potential code execution via incomplete path sanitization: A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, pote...
CVE-2026-2319: Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures and install a malicious extension to potentially exploit object corruption via a malicious file. (Chromium security severity: Medium)
CISA Known Exploited Vulnerabilities
CVE-2026-21519 Microsoft Windows: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.
CVE-2026-21513 Microsoft Windows: Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
CVE-2026-21525 Microsoft Windows: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
CVE-2026-21514 Microsoft Office: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.
CVE-2026-21533 Microsoft Windows: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.