Published threat advisories for May 1, 2026

A flaw in FRRouting can lead to network disruption. An attacker can cause a denial of service by sending a specially crafted network input to vulnerable systems.

NVD published: May 1, 2026

An external attacker can exploit a flaw in Open Vehicle Monitoring System 3 to send malicious data that crashes the system or allows unauthorized control over vehicle functions. This compromises sensitive telematics data and risks the execution of unauthorized commands on the vehicle.

NVD published: May 1, 2026

A flaw in OpenAMP's firmware loading could let attackers take control of embedded devices. This is critical because it impacts device integrity and availability.

NVD published: May 1, 2026

An external attacker could exploit a flaw in cannelloni by sending malicious data to crash the system or gain full control. This poses a risk to critical communication infrastructure, potentially leading to unauthorized system access or permanent service outages.

NVD published: May 1, 2026

Open-SAE-J1939 contains a flaw that allows an internal attacker to manipulate how the system processes data. This could enable unauthorized control over connected industrial vehicles or machinery, potentially leading to operational disruption or safety risks.

NVD published: May 1, 2026

The AGL app framework contains a flaw that allows an internal attacker to replace essential system files with malicious ones during application installation. This could grant the attacker administrative control or the ability to run unauthorized code, leading to total system compromise.

NVD published: May 1, 2026

MixPHP Framework has a critical flaw where it can be tricked into running malicious code, potentially exposing your applications and sensitive data to attackers over the internet.

NVD published: May 1, 2026

An external attacker could take advantage of a flaw in the MixPHP Framework to gain unauthorized control over web servers. This risk could lead to a complete system compromise, allowing an attacker to steal sensitive data or take over the application environment.

NVD published: May 1, 2026

A flaw in the Linux kernel `icssg-prueth` driver could allow an internal attacker to read private system memory. This could result in the exposure of sensitive information and potentially enable further unauthorized access to business systems.

NVD published: May 1, 2026

A critical flaw in the Linux kernel's networking could allow attackers to crash servers or take control by sending specially crafted internet traffic. This affects internet-facing Linux systems.

NVD published: May 1, 2026

An external attacker can send malicious network packets to exploit a flaw in the Linux kernel. This could allow them to crash critical servers or seize full control of the system, jeopardizing both network operations and data security.

NVD published: May 1, 2026

An internal attacker could exploit a memory flaw in the Linux kernel to crash systems or gain unauthorized access. This risk threatens business operations, potentially causing service outages and allowing attackers to compromise the security of sensitive systems.

NVD published: May 1, 2026

By processing a malicious file, an internal attacker can cause Hashcat to stop working, resulting in service disruption. This flaw also allows the attacker to execute unauthorized commands, giving them full control over the system.

NVD published: May 1, 2026

An internal attacker can exploit a flaw in Hashcat by providing a malicious hash file. This allows them to crash the software or seize control of the system, potentially compromising critical security operations.

NVD published: May 1, 2026

Hashcat contains a vulnerability that allows an internal attacker to run unauthorized commands or crash the application. This could result in a full compromise of the machine performing password cracking tasks.

NVD published: May 1, 2026

A flaw in the Linux kernel’s file-sharing service could allow an internal attacker to trigger a system crash. This disruption can make critical business resources unavailable, causing operational downtime for the organization.

NVD published: May 1, 2026

A critical flaw in the Linux kernel's file-sharing feature could let unauthorized users crash systems or potentially gain control. We recommend immediate patching for any affected Linux systems.

NVD published: May 1, 2026

An external attacker can exploit a vulnerability in the Apache MINA networking library to gain full control over the server. This access enables unauthorized command execution, which could lead to the theft of sensitive data, installation of malicious software, and a total compromise of business systems.

NVD published: May 1, 2026

A security flaw in Apache MINA could let attackers run harmful code on your services by sending specially crafted data, demanding prompt attention for affected applications.

NVD published: May 1, 2026

The Temporary Login plugin for WordPress has a critical flaw allowing anyone to log in as any user without a password. This internet-accessible vulnerability means your WordPress site could be compromised without any valid login.

NVD published: May 1, 2026

JS8Call and JS8Call-improved have a flaw where an external attacker can use a crafted radio signal to run unauthorized code on a connected workstation. This could allow the attacker to take full control of the system or disrupt communication services.

NVD published: May 1, 2026