CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
CVE-2026-0413 describes a buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models. It allows authenticated administrators connected to the local network to make unauthorized modifications to router software and functionality.
CVE-2026-0412 describes an insufficient input validation vulnerability in the NETGEAR JR6150 router, allowing administrators on the local network to make unauthorized modifications to the router's software and functionality.
Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.
A security issue in NETGEAR Orbi 370 series devices that could allow an attacker to intercept and tamper with traffic between the router and the Internet. This could enable the attacker to run commands on the device when the device administrator performs certain specific management actions.
A CWE-611 vulnerability related to improper restriction of XML External Entity Reference exists that could lead to information disclosure of server-side file contents. An attacker with a Data Center Expert user account can submit crafted XML payloads to SOAP service endpoints.
An improper access control vulnerability exists in Fortinet FortiPortal versions 7.4.0 through 7.4.7, 7.2.0 through 7.2.8, and all versions of 7.0. An attacker may exploit this vulnerability for unauthorized access.
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability in Fortinet FortiOS and FortiProxy allows an authenticated admin to execute lua scripts via crafted CLI commands. This affects multiple versions of FortiOS and FortiProxy.
A vulnerability was found in the Linux kernel's DAMON (Data Access Monitoring) subsystem. The damon_start() function did not validate whether the min_region_sz parameter is a power of two, allowing unaligned region address ranges. The issue has been fixed in a newer kernel version.
In the Linux kernel's Nouveau driver, a memory leak occurs when aperture_remove_conflicting_pci_devices() fails during probe. The error path does not properly release the nvkm_device structure, leaking both the device wrapper and the pci_enable_device() reference.
Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion.
Logseq is vulnerable to a sandbox escape flaw where plugins running in sandboxed iframes can inject arbitrary HTML attributes into their container element in the host DOM.
Logseq is vulnerable to stored XSS attacks. A malicious plugin can include a JavaScript payload in the 'name' field of its 'package.json', allowing arbitrary code execution in a privileged context.
In the Linux kernel, the EROFS filesystem for file-backed mounts has a vulnerability where I/O requests beyond the end of the filesystem are not properly zeroed out. This could lead to data disclosure or unexpected behavior.
A stack buffer overflow was discovered in 389 Directory Server in the checkPrefix() function in pw.c. It copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values.
A flaw was found in 389 Directory Server where the PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption during authentication, resulting in denial of service.
A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication.
A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure.
A flaw was found in 389 Directory Server where the ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.
A type confusion flaw was found in the SSO token extended operation handler of 389 Directory Server. It discloses partial stack address information in LDAP responses to authenticated users.
In the Linux kernel, a patch for hugetlbfs was reverted due to incorrect handling of VMA lock allocation at the mmap_prepare stage. A failed allocation after mmap_prepare could cause a lock leak. The revert restores previous behavior to allow redesign.

