Security Vulnerabilities
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
CVSS Score
8.0
EPSS Score
0.0
Published
2026-05-07
OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28.
This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.
CVSS Score
8.1
EPSS Score
0.0
Published
2026-05-07
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.
CVSS Score
5.7
EPSS Score
0.0
Published
2026-05-07
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters.
This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-05-07
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks dangerous SQL keywords (e.g., pg_read_file, LOAD_FILE, dblink) is applied on the collections:create and sqlCollection:execute endpoints but is entirely missing on the sqlCollection:update endpoint. An attacker with collection management permissions can create a SQL collection with benign SQL, then update it with arbitrary SQL that bypasses all validation, and query the collection to execute the injected SQL and exfiltrate data. This issue has been patched in version 2.0.39.
CVSS Score
7.2
EPSS Score
0.002
Published
2026-05-07
An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view.
When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads the first element on each stage’s input pipeline array without first verifying that the array is non-empty. Supplying an empty pipeline causes a null pointer dereference and crashes the server.
This issue affects MongoDB Server 8.2 versions prior to 8.2.7.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-05-07
Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-05-07
Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without filtering out localhost or link local ips. This can result in sensitive data being distributed to Envoy proxies via xDS configuration. This issue has been patched in versions 1.28.6 and 1.29.2.
CVSS Score
5.0
EPSS Score
0.0
Published
2026-05-07
Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
CVSS Score
3.7
EPSS Score
0.001
Published
2026-05-07
Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.
CVSS Score
3.7
EPSS Score
0.001
Published
2026-05-07