Monthly
Denial of service in Arista EOS devices with IPsec configured allows remote unauthenticated attackers to halt all IPsec traffic processing by sending a specially crafted packet. The control plane's recovery attempt via pipeline reset may itself fail to restore traffic flow, producing a persistent outage of IPsec-protected communications until manual intervention. No public exploit identified at time of analysis, but the vulnerability was reported by an Arista customer, suggesting it was discovered through real-world operational impact rather than theoretical research.
Memory corruption in Qualcomm Snapdragon fastboot bootloader when processing commands that set the display mode allows a high-privileged local attacker with physical device access to corrupt memory and potentially execute code outside the bootloader's security context. The flaw, reported by Qualcomm and disclosed in their June 2026 security bulletin, affects Snapdragon platforms across the product line per the supplied CPE. No public exploit has been identified at the time of analysis, and the CVSS 7.2 score reflects the high privilege and physical access barriers that limit broad exploitation.
Memory corruption in Qualcomm Snapdragon fastboot bootloader processing allows a physically present attacker with high privileges to corrupt memory by submitting improperly formatted fastboot commands. The flaw carries a CVSS 7.2 score reflecting physical attack vector with scope change, and no public exploit identified at time of analysis. Disclosed in Qualcomm's June 2026 security bulletin, it affects Snapdragon platforms exposed during device provisioning, recovery, or firmware-flash workflows.
Memory corruption in Qualcomm Snapdragon fastboot bootloader handling allows a privileged local attacker with physical access to corrupt memory by issuing malformed fastboot commands, with scope change (CVSS S:C) indicating impact extends beyond the bootloader's security boundary. The flaw was disclosed by Qualcomm in the June 2026 security bulletin and carries a CVSS 3.1 base score of 7.2 (High). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon fastboot OEM command handling allows a local attacker with high privileges and physical access to compromise device confidentiality, integrity, and availability. The CVSS 7.2 score reflects the physical attack vector (AV:P) offset by high impact and scope change, and no public exploit identified at time of analysis. Disclosure originates from Qualcomm's June 2026 security bulletin.
WebSocket frame parsing in XX-Net V5.16.6 corrupts application-layer data when the local HTTP server's WebSocket_receive_worker routine unconditionally consumes 4 bytes as a masking key regardless of the RFC 6455 MASK bit, causing payload data to be silently misinterpreted. Attackers with local system access and no privileges can send unmasked WebSocket frames to the embedded simple_http_server.py endpoint, causing the first 4 bytes of any payload to be misread as a mask key and the remainder to be incorrectly XOR-decoded. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV; an upstream fix exists as a GitHub commit and open pull request but a formally released patched version has not been independently confirmed.
Denial of service in Red Hat build of Keycloak allows remote unauthenticated attackers to exhaust CPU and worker threads by submitting specially crafted XML payloads to the SAML endpoint. The flaw renders the identity provider unavailable, disrupting authentication for all downstream applications relying on it. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in M-Files Server versions prior to 26.5.16015.0, 26.2 LTS, and 25.8 LTS SR3 allows an authenticated remote attacker to crash the MFserver process, disrupting document management services for all connected users. The flaw is reachable over the network with low privileges and no user interaction, but has no impact on confidentiality or integrity. No public exploit identified at time of analysis, and the issue is not present in CISA KEV.
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent to execute arbitrary code on the local device without user consent. Exploitation is non-deterministic and model-dependent. The fix is automatically applied upon relaunch with no user action required.
IPv6 address validation bypass in Net::CIDR::Lite for Perl (versions <0.23) allows remote attackers to circumvent IP access control lists without authentication. The _pack_ipv6() function fails to validate that uncompressed IPv6 addresses contain exactly 8 hexadecimal groups, accepting malformed inputs like 'abcd' or '1:2:3' and producing incorrect packed representations. This causes find() and bin_find() methods to incorrectly match addresses against CIDR ranges, enabling ACL bypass. Exploitati
Denial of service in Arista EOS devices with IPsec configured allows remote unauthenticated attackers to halt all IPsec traffic processing by sending a specially crafted packet. The control plane's recovery attempt via pipeline reset may itself fail to restore traffic flow, producing a persistent outage of IPsec-protected communications until manual intervention. No public exploit identified at time of analysis, but the vulnerability was reported by an Arista customer, suggesting it was discovered through real-world operational impact rather than theoretical research.
Memory corruption in Qualcomm Snapdragon fastboot bootloader when processing commands that set the display mode allows a high-privileged local attacker with physical device access to corrupt memory and potentially execute code outside the bootloader's security context. The flaw, reported by Qualcomm and disclosed in their June 2026 security bulletin, affects Snapdragon platforms across the product line per the supplied CPE. No public exploit has been identified at the time of analysis, and the CVSS 7.2 score reflects the high privilege and physical access barriers that limit broad exploitation.
Memory corruption in Qualcomm Snapdragon fastboot bootloader processing allows a physically present attacker with high privileges to corrupt memory by submitting improperly formatted fastboot commands. The flaw carries a CVSS 7.2 score reflecting physical attack vector with scope change, and no public exploit identified at time of analysis. Disclosed in Qualcomm's June 2026 security bulletin, it affects Snapdragon platforms exposed during device provisioning, recovery, or firmware-flash workflows.
Memory corruption in Qualcomm Snapdragon fastboot bootloader handling allows a privileged local attacker with physical access to corrupt memory by issuing malformed fastboot commands, with scope change (CVSS S:C) indicating impact extends beyond the bootloader's security boundary. The flaw was disclosed by Qualcomm in the June 2026 security bulletin and carries a CVSS 3.1 base score of 7.2 (High). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon fastboot OEM command handling allows a local attacker with high privileges and physical access to compromise device confidentiality, integrity, and availability. The CVSS 7.2 score reflects the physical attack vector (AV:P) offset by high impact and scope change, and no public exploit identified at time of analysis. Disclosure originates from Qualcomm's June 2026 security bulletin.
WebSocket frame parsing in XX-Net V5.16.6 corrupts application-layer data when the local HTTP server's WebSocket_receive_worker routine unconditionally consumes 4 bytes as a masking key regardless of the RFC 6455 MASK bit, causing payload data to be silently misinterpreted. Attackers with local system access and no privileges can send unmasked WebSocket frames to the embedded simple_http_server.py endpoint, causing the first 4 bytes of any payload to be misread as a mask key and the remainder to be incorrectly XOR-decoded. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV; an upstream fix exists as a GitHub commit and open pull request but a formally released patched version has not been independently confirmed.
Denial of service in Red Hat build of Keycloak allows remote unauthenticated attackers to exhaust CPU and worker threads by submitting specially crafted XML payloads to the SAML endpoint. The flaw renders the identity provider unavailable, disrupting authentication for all downstream applications relying on it. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in M-Files Server versions prior to 26.5.16015.0, 26.2 LTS, and 25.8 LTS SR3 allows an authenticated remote attacker to crash the MFserver process, disrupting document management services for all connected users. The flaw is reachable over the network with low privileges and no user interaction, but has no impact on confidentiality or integrity. No public exploit identified at time of analysis, and the issue is not present in CISA KEV.
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent to execute arbitrary code on the local device without user consent. Exploitation is non-deterministic and model-dependent. The fix is automatically applied upon relaunch with no user action required.
IPv6 address validation bypass in Net::CIDR::Lite for Perl (versions <0.23) allows remote attackers to circumvent IP access control lists without authentication. The _pack_ipv6() function fails to validate that uncompressed IPv6 addresses contain exactly 8 hexadecimal groups, accepting malformed inputs like 'abcd' or '1:2:3' and producing incorrect packed representations. This causes find() and bin_find() methods to incorrectly match addresses against CIDR ranges, enabling ACL bypass. Exploitati