Common Vulnerabilities and Exposures (CVE)
CVE-2026-21030
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions.
CVE-2026-21029
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations.
CVE-2026-21028
Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-21027
Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function.
CVE-2026-21026
Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information.
CVE-2026-21025
Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.
CVE-2026-8914
In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices running versions 1.09 through 1.09.1, due to unsafe calls to an eval function in rpc-profile, a vulnerability exists where a lower privileged user c...
CVE-2026-48840
Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
CVE-2026-6274
Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This is...
CVE-2026-49777
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No...
CVE-2025-10439
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yordam Informatics Yordam Library Automation System allows SQL Injection. This issue affects Yordam Library Automation System: from 21.5 ...
CVE-2025-10449
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saysis Computer Systems Trade Ltd. Co. Saysis Web Portal allows Path Traversal. This issue affects Saysis Web Portal: from 3.1.9 & 3.2.0 before...
CVE-2025-10463
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outd...
CVE-2025-10464
Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data. This issue affects Senseway: through 09022026. NOTE: Because the p...