Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.8 CVE-2026-45258

Multiple vulnerabilities in the sound(4) mmap path_CVE-2026-45258

dsp_mmap_single() validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This additio...

FreeBSD FreeBSD 15.0-RELEASE CVE
HIGH 7.8 CVE-2026-49414

ASLR bypass for setuid executables via procctl(2)_CVE-2026-49414

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather tha...

FreeBSD FreeBSD 15.0-RELEASE CVE
HIGH 7.5 CVE-2026-10083

APCu Manager < 4.5.0 - Unauthenticated Stored XSS via Cache Key Pollution_CVE-2026-10083

The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Sto...

Unknown APCu Manager CVE
HIGH 8.7 CVE-2026-13564

Edimax EW-7478APC POST Request formPPPoESetup stack-based overflow_CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component PO...

Edimax EW-7478APC 1.04 CVE
HIGH 8.7 CVE-2026-13563

Edimax EW-7478APC POST Request formL2TPSetup stack-based overflow_CVE-2026-13563

A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the componen...

Edimax EW-7478APC 1.04 CVE
HIGH 8.7 CVE-2026-13562

Edimax EW-7478APC POST Request formiNICSiteSurvey buffer overflow_CVE-2026-13562

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the compone...

Edimax EW-7478APC 1.04 CVE
HIGH 7.1 CVE-2026-57346

WordPress Embed Privacy plugin <= 1.12.3 - Arbitrary File Deletion vulnerability_CVE-2026-57346

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal. This ...

Epiphyt Embed Privacy n/a CVE
HIGH 8.8 CVE-2026-25707

Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp_CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying re...

SUSE libzypp CVE
HIGH 7.1 CVE-2026-13601

Yelp: yelp-xsl: overly permissive content security policy in yelp allows host file disclosure from flatpak applications_CVE-2026-13601

A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak applica...

Red Hat Red Hat Enterprise Linux 10 CVE
HIGH 8.7 CVE-2026-13539

Wavlink WL-NU516U1-A POST Parameter wireless.cgi sub_407504 stack-based overflow_CVE-2026-13539

A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless...

Wavlink WL-NU516U1-A M16U1_V240425 CVE