Amaranth Project A multi-stage backdoor implantation attack chain is implemented using CVE-2025-8088 WinRAR path traversal vulnerability, ≤ 7.11. F...
CVE-2026-13036 — Use-After-Free in Blink WidgetBase::UpdateSurfaceAndScreenInfo A use-after-free vulnerability in Google Chrome's Blink rendering e...
An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary co...
Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by s...
A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB. This vulnerability af...
A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due t...
CVE-2026-43503 — DirtyClone Linux local privilege escalation. A cloned skbuff loses the SKBFLSHAREDFRAG flag, so ESP in-place decryption writes int...
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass all...
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+im...
The Setracker2 Android Companion App (com.tgelec.setracker) versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating ...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
