Skip to main content
CVE-2026-21715 LOW PATCH Monitor

Node.js Permission Model enforcement in versions 20.x, 22.x, 24.x, and 25.x fails to validate read permissions for fs.realpathSync.native(), allowing local authenticated processes running under --permission with restricted --allow-fs-read to enumerate filesystem paths, check file existence, and resolve symlink targets outside permitted directories. This information disclosure vulnerability bypasses sandbox restrictions intentionally configured by administrators and affects multiple stable and current Node.js release series.

Node.js Information Disclosure
NVD VulDB
CVSS 3.0
3.3
EPSS
0.0%
CVE-2026-32696 LOW PATCH Monitor

Remote denial of service in NanoMQ MQTT Broker 0.24.6 allows unauthenticated remote attackers to crash the broker by connecting without credentials when HTTP authentication is enabled with username/password placeholders, triggering a null pointer dereference in the auth_http.c module. The vulnerability requires high attack complexity (user interaction via specific MQTT CONNECT configuration) but results in broker unavailability. Vendor-released patch version 0.24.7 addresses the issue.

Null Pointer Dereference Denial Of Service Nanomq
NVD GitHub
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-33762 LOW PATCH GHSA Monitor

Denial-of-service vulnerability in go-git v5 and earlier versions allows local attackers with write access to the repository to craft a malicious Git index file (format version 4) that triggers an out-of-bounds slice operation during parsing, causing application panic and process termination. The vulnerability requires local disk write access to the .git directory and user interaction (file opening), making it a low-severity but exploitable DoS vector for applications that do not gracefully handle panics. Patch versions v5.17.1 and v6 are available.

Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
2.8
EPSS
0.0%
CVE-2026-5107 LOW PATCH Monitor

Remote improper access control in FRRouting FRR up to version 10.5.1 allows authenticated remote attackers to bypass authorization checks in the EVPN Type-2 Route Handler (process_type2_route function), potentially leading to integrity and availability impacts. The vulnerability requires high attack complexity and authenticated access (PR:L), limiting immediate exploitation risk. An upstream fix (commit 7676cad65114aa23adde583d91d9d29e2debd045) is available; no public exploit code or active CISA KEV designation identified at time of analysis.

Authentication Bypass Frr
NVD VulDB GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-7741 LOW CISA Monitor

Hardcoded password vulnerability in Yokogawa CENTUM VP allows authentication bypass for the PROG system account across versions R5.01.00-R5.04.20, R6.01.00-R6.12.00, and R7.01.00. An attacker who obtains the hardcoded credential and has direct access to the Human Interface Station (HIS) running CTM authentication mode can log in as PROG; however, real-world risk is constrained because PROG defaults to S1 (OFFUSER) permission level, and exploitation requires pre-existing HIS access. No public exploit code or active CISA KEV status identified at time of analysis.

Authentication Bypass Centum Vp
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-28527 LOW PATCH Monitor

BlueKitchen BTstack contains an out-of-bounds read vulnerability in AVRCP Controller GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT and GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT handlers that allows nearby Bluetooth Classic attackers with a paired connection to trigger information disclosure and potential denial of service. The vulnerability requires an attacker within Bluetooth range to establish a paired connection and send specially crafted VENDOR_DEPENDENT responses, resulting in reads beyond packet boundaries. No public exploit code or active exploitation has been identified; vendor-released patch v1.8.1 is available.

Buffer Overflow Information Disclosure Btstack
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-28526 LOW PATCH Monitor

BlueKitchen BTstack AVRCP Controller handlers read beyond buffer boundaries when processing specially crafted VENDOR_DEPENDENT responses, allowing nearby Bluetooth Classic attackers with a paired connection to trigger an out-of-bounds read that may crash resource-constrained devices. The vulnerability affects all versions prior to v1.8.1, has a CVSS score of 2.1 (very low severity) due to limited availability impact and requirement for paired connection plus user interaction, and no public exploit code or active exploitation has been identified.

Buffer Overflow Information Disclosure Btstack
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-28528 LOW PATCH Monitor

Out-of-bounds read in BlueKitchen BTstack AVRCP Browsing Target GET_FOLDER_ITEMS handler allows paired Bluetooth Classic attackers to cause denial of service and corrupt attribute bitmap state through insufficient bounds validation on the attr_id parameter. Attack requires proximity (Bluetooth range) and an established pairing relationship. CVSS score of 2.1 reflects limited impact (no confidentiality loss, minor integrity and availability degradation) despite low attack complexity; no active exploitation reported at time of analysis.

Buffer Overflow Information Disclosure Btstack
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5148 LOW Monitor

SQL injection in YunaiV yudao-cloud up to version 2026.01 allows authenticated remote attackers to execute arbitrary SQL queries via the toMail parameter in the /admin-api/system/mail-log/page endpoint, enabling data exfiltration and potential database manipulation. The vulnerability carries a CVSS score of 5.1 with moderate confidentiality and integrity impact. Public exploit code is available, and the vendor has not responded to early disclosure efforts, leaving organizations dependent on self-patching or workarounds.

SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy