CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.13)
In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These issues occur only in devices that have already joined the network.
In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload, leading to process termination. These messages must come from a device that has already joined the network.
In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is read back to the requester.
In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. Only devices that have already joined the network and support the Color Control cluster may be impacted.
In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. Only devices that have already joined the network and support the Color Control cluster may be impacted.
Dell Display and Peripheral Manager (DDPM Mac) versions prior to 2.3 contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
Dell Display and Peripheral Manager (DDPM) for Windows versions prior to 2.3 contain an Improper Access Control vulnerability. A low-privileged attacker with local access could exploit this to achieve code execution.
Dell Display and Peripheral Manager (DDPM) for macOS versions prior to 2.3 contain a Race Condition vulnerability due to concurrent execution using a shared resource without proper synchronization. A low-privileged attacker with local access could potentially exploit this vulnerability to achieve Elevation of Privileges.
An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.
Incomplete validation of the SOA record present in a catalog zone might lead to a crash.
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insufficient input validation.
A vulnerability in Dell Wyse Management Suite (versions prior to WMS 5.5 HF1) involves accepting extraneous untrusted data along with trusted data. This allows a low-privileged attacker with remote access to execute code on the vulnerable system.
The vulnerability affects the ECS (EDNS Client Subnet) mechanism in DNS servers. Zero-scoped ECS responses are stored in the packet cache even though they should not be cached. The issue occurs only in configurations with ECS enabled.
Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys.
The MainWP Child plugin versions up to 6.1.1 contain a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized operations on the site without requiring authentication.
A vulnerability in Devolutions Server versions 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host. By crafting a DomainName parameter in the PAM AD discovery endpoints, the attacker can capture PAM provider credentials as an NTLMv2 challenge-response.
An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter.
An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash.

