Skip to main content
CVE-2025-11143 LOW PATCH Monitor

The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. [CVSS 3.7 LOW]

Code Injection Jetty
NVD GitHub HeroDevs VulDB
CVSS 3.1
3.7
EPSS
0.1%
CVE-2026-21786 LOW Monitor

HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URLs. [CVSS 3.3 LOW]

Information Disclosure Sametime
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-66319 LOW Monitor

Harmonyos versions up to 5.1.0 is affected by permissions, privileges, and access controls (CVSS 3.3).

Privilege Escalation
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-3606 LOW Monitor

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. [CVSS 3.3 LOW]

Buffer Overflow Ettercap
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-28436 LOW Monitor

Stored cross-site scripting in Frappe versions prior to 16.11.0 and 15.102.0 allows unauthenticated attackers to execute arbitrary JavaScript in users' browsers through malicious image URLs in avatar fields and website comments. The vulnerability affects any user viewing a page containing the compromised avatar, enabling session hijacking, credential theft, or malware distribution without user interaction.

XSS Frappe
NVD GitHub
CVSS 4.0
1.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy