arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim’s smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary...
arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP event data to victim devices, causing...
arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the WiFiUDP component. An attacker on the same local area network can send a large volume of malicious UDP packets to cause memory...
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133
Mattermost versions 11.3.x
Mattermost versions 11.3.x
Mattermost versions 11.3.x
GROWI OpenAI thread/message API endpoints do not perform authorization. Affected are v7.4.5 and earlier versions. A logged-in user who knows a shared AI assistant’s identifier may view and/or tamper the other user’s threads/messages. More...
Mattermost versions 11.3.x
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03