MATLOCK.CA
28Articles
5Categories
2026-05-10Date
🐛
CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39823 Bypass of meta content URL escaping causes XSS in html/template
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-41889 pgx: SQL Injection via placeholder confusion with dollar quoted string literals
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-6665 PgBouncer buffer overflow in SCRAM
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-6667 PgBouncer missing authorization check in KILL_CLIENT admin command
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-6666 PgBouncer crash in kill_pool_logins_server_error
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-45130 Vim: Heap Buffer Overflow in spell file loading
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-44656 Vim: OS Command Injection via 'path' completion
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-33811 Crash when handling long CNAME response in net
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39817 Invoking "go tool pack" does not sanitize output paths in cmd/go
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39819 Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39826 Escaper bypass leads to XSS in html/template
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-39836 Panic in Dial and LookupPort when handling NUL byte on Windows in net
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-42499 Quadratic string concatenation in consumePhrase in net/mail
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-42501 Malicious module proxy can bypass checksum database in cmd/go
MSRC.MICROSOFT.COM — 10 May 2026
🐛
CVE-2026-33079 Mistune ReDoS in LINK_TITLE_RE allows denial of service with crafted Markdown titles
MSRC.MICROSOFT.COM — 10 May 2026
🐛
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
THEHACKERNEWS.COM — 10 May 2026
⚠️
Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams
KEVHELPNETSECURITY.COM — 10 May 2026
⚠️
Official JDownloader site served malware to Windows and Linux users between May 6 and May 7
SECURITYAFFAIRS.COM — 10 May 2026
⚠️
New cPanel vulnerabilities could allow file access and remote code execution
SECURITYAFFAIRS.COM — 10 May 2026
🔥
CyberWire Daily at 10: The evolution of geopolitics and warfare.
THECYBERWIRE.COM — 10 May 2026
🔥
Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION
SECURITYAFFAIRS.COM — 10 May 2026
🔥
Weekly Update 503
TROYHUNT.COM — 10 May 2026
🕵️
YARA-X 1.16.0 Release, (Sun, May 10th)
ISC.SANS.EDU — 10 May 2026
🌐
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96
SECURITYAFFAIRS.COM — 10 May 2026