VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container's filesystem rather than the host's due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images Affected products named by the advisory: moby/v2/daemon; docker/daemon.
Multiple NetApp products incorporate Spring Boot. Spring Boot versions 4.0.0 through 4.0.5, 3.5.0 through 3.5.13, 3.4.0 through 3.4.15, 3.3.0 through 3.3.18, and 2.7.0 through 2.7.32 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). <br><br> OnCommand Insight:<br> Affected only by CVE-2026-40975. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
CVSSv3 Score: 7.9 Linux kernel is impacted by CVE-2026-43284 and CVE-2026-43500 which chained together create the Dirty Frag vulnerability.CVE-2026-43284 In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output.
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0.
CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities
In today’s rapidly evolving technology and threat landscape, responsible transparency should be a cornerstone of any product security program. As part of our ongoing product security program, we continually assess, investigate, and address vulnerabilities. When an issue is found, we communicate relevant information as quickly and responsibly as possible. To this end, we are issuing an important security update addressing vulnerabilities in Ivanti Neurons for ITSM (cloud and on-premises). Customers should review the Security Advisory for more information and version specific details. Customers using the on-premises Ivanti Neurons for ITSM solution should review the Security advisory and apply fix as soon as possible. At the time of this publication, we are not aware of any customers being exploited through the vulnerability disclosed today. Our top priority is the security of our customers and believe the increase in identified, resolved, and transparently communicated vulnerabilities demonstrates that commitment. Customers and partners with questions about their environment or remediation steps can contact Ivanti Support. Cases can be logged via the Ivanti Innovators Hub (login credentials required). Want to stay up to date on Ivanti Security Advisories?
Multiple NetApp products incorporate Apache Tomcat. Apache Tomcat versions 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, and 9.0.0.M1 through 9.0.117 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability
CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing
CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
Multiple vulnerabilities allow remote authenticated users with administrator privileges to read/write/delete specific files. Affected product named by the advisory: Active Backup. Affected products named by the advisory: Active Backup for Business for DSM 7.2; Active Backup for Business for DSM 7.1; Active Backup for Business for DSM 6.2.
An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server. Affected products named by the advisory: C2. Affected products named by the advisory: C2 Identity Edge Server for DSM 7.3; C2 Identity Edge Server for DSM 7.2.2; C2 Identity Edge Server for DSM 7.2.1; C2 Identity Edge Server for DSM 7.1.
Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name (DN). Affected products named by the advisory: DSM 7.3; DSM 7.2.2.
Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors.
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway. Affected product named by the advisory: Check Point.
The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service (temporary interruption of VPN negotiations/traffic). Affected product named by the advisory: Check Point.
The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality). Affected product named by the advisory: Check Point.
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the model_file configuration field in config.json. When a model's config.json specifies a model_file pointing to a Python file, MLX-LM uses importlib to load and execute it with no trust_remote_code gate or equivalent safety check. The MLX backend runs without sandboxing, resulting in arbitrary code execution on the Docker host as the Docker Desktop user. Any container on the Docker network can trigger this by calling the model-runner.docker.internal API to pull a malicious model from an attacker-controlled OCI registry and request inference.