Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
9.8 CRITICAL
CVE-2026-8363 — Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

triofox | Remote | Memory Corruption
May 27, 2026
9.8 CRITICAL
CVE-2026-8362 — Gladinet Triofox Stack-based Buffer Overflow in WOSDefaultHttpModule.dll

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome

triofox | Remote | Memory Corruption
May 27, 2026
7.5 HIGH
CVE-2026-8361 — Gladinet Triofox Path Traversal in WOSDefaultHttpModule.dll

A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome

triofox | Remote | Path Traversal
May 27, 2026
7.5 HIGH
CVE-2026-8360 — Gladinet Triofox Unchecked Return Value to NULL Pointer Dereference DoS

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into th…

triofox | Remote | Memory Corruption
May 27, 2026
7.5 HIGH
CVE-2026-8359 — Gladinet Triofox WOSHttpStatusModule.dll NULL Function Pointer Call DoS

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would b…

triofox | Remote | Misconfiguration
May 27, 2026
0.0 NA
CVE-2026-49009 — Northern.tech Mender Server Directory Traversal Vulnerability

Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal.

Path Traversal
May 27, 2026
4.4 MEDIUM
CVE-2026-48792 — pam_usb: pusb_has_virtual_input_device() silently discards EACCES, disabling remote deskt…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event* nodes, causing pusb_has_vi…

Authentication
May 27, 2026
5.7 MEDIUM
CVE-2026-48066 — pam_usb: Thread-unsafe static pointer in log.c causes data race under concurrent PAM auth…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the ad…

Race Condition
May 27, 2026
6.7 MEDIUM
CVE-2026-48065 — pam_usb: Unchecked integer multiplication before xmalloc() in conf.c allows heap-based bu…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evalu…

Memory Corruption
May 27, 2026
8.1 HIGH
CVE-2026-48064 — pam_usb: PAM_RHOST check skipped when deny_remote=false allows XDMCP authentication bypass

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage…

Remote | Authentication
May 27, 2026
6.3 MEDIUM
CVE-2026-47274 — pam_usb: Uncontrolled search path in pam_usb tools allows privilege escalation via PATH m…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rathe…

Authentication
May 27, 2026
6.5 MEDIUM
CVE-2026-47273 — pam_usb: XPath injection via PAM-supplied identifiers in pam_usb configuration queries

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb builds XPath expressions from user-supplied identifiers (PAM username, service name) and dev…

Remote | Injection
May 27, 2026
7.1 HIGH
CVE-2026-47272 — pam_usb: OTP pad authentication bypass via missing system pad check and uninitialized RNG…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusb_pad_compare() function in src/pad.c only verified that the user-side pad (~/.pamusb/device.…

Authentication
May 27, 2026
5.1 MEDIUM
CVE-2026-47271 — pam_usb: OOM guards removed by -DNDEBUG cause NULL dereference and authentication process…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc(), xrealloc(), and xstrdup() using assert(dat…

Memory Corruption
May 27, 2026
8.7 HIGH
CVE-2026-47161 — RELATE Vulnerable to Remote Code Execution (RCE) via Insecure Celery Pickle Deserializati…

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta…

relate | Remote | Injection
May 27, 2026
7.1 HIGH
CVE-2026-45134 — LangSmith Client SDK: Public prompt pull deserializes untrusted manifests without trust b…

LangSmith Client SDKs provide SDKs for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods (pull_prompt / pull_promp…

langchain | Remote | Supply Chain
May 27, 2026
8.4 HIGH
CVE-2026-45108 — Himmelblau: Authentication Bypass via Cross-User Local Session Impersonation in Device Au…

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Autho…

himmelblau | Remote | Authentication
May 27, 2026
7.5 HIGH
CVE-2026-45104 — MapServer: NULL pointer dereference in SLD `<ElseFilter>` rule parsing reachable via WMS …

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any <Rule> carrying <ElseFil…

mapserver | Remote | Memory Corruption
May 27, 2026
9.9 CRITICAL
CVE-2026-45102 — OneUptime: RCE due to Node.js' vm module escape via error objects and infinite recursion

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js vm module as an isolation primitive. This API was not designed for that and can be esc…

oneuptime | Remote | Memory Corruption
May 27, 2026
9.8 CRITICAL
CVE-2026-44888 — Unauthenticated RCE via Python Config File Injection in SaveConfigFile() (Integer)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly…

Remote | Injection
May 27, 2026
Showing 20 of 6571 Results