Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-43715

CVE-2026-43715_CVE-2026-43715

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tah...

Apple Safari CVE
HIGH 8.8 CVE-2026-43705

CVE-2026-43705_CVE-2026-43705

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. ...

Apple Safari 26.5.2 CVE
HIGH 7.5 CVE-2026-41896

Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret_CVE-2026-41896

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the ap...

coollabsio coolify < 4.0.0-beta.474 CVE
HIGH 8.8 CVE-2026-34597

Coolify: Authenticated Host RCE_CVE-2026-34597

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticat...

coollabsio coolify < 4.0.0-beta.470 CVE
HIGH 8.8 CVE-2026-34594

Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management_CVE-2026-34594

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated comma...

coollabsio coolify < 4.0.0-beta.471 CVE
HIGH 7.7 CVE-2026-34592

Coolify: Cross-Team IDOR via Unscoped Server and Project Lookups Exposes SSH Keys and Infrastructure_CVE-2026-34592

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and pro...

coollabsio coolify < 4.0.0-beta.471 CVE
HIGH 7.5 CVE-2026-8023

Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read_CVE-2026-8023

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYS...

zephyrproject zephyr 4.0.0 CVE
HIGH 8.1 CVE-2026-7656

Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expr...

zephyrproject zephyr 1.14.0 CVE
HIGH 7.8 B815CF61-2540-

Exploit for Out-of-bounds Write in Netapp Bootstrap_Os_B815CF61-2540-5E4D-AAB8-F3976D79DF34

Security Notice: This repository contains working exploit code for educational and research purposes. Use responsibly and only on systems you own o...

N/A N/A GITHUBEXPLOIT
HIGH 7.8 CVE-2026-49416

Integer overflow in vt(4) CONS_HISTORY ioctl_CVE-2026-49416

The CONS_HISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size...

FreeBSD FreeBSD 15.0-RELEASE CVE