arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP event data to victim devices, causing...
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim’s smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary...
arduino-TuyaOpen before version 1.2.1 contains a heap-based buffer overflow vulnerability in the DnsServer component. An attacker on the same local area network who controls the LAN DNS server can send malicious DNS responses to...
Mattermost versions 11.3.x
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133
Mattermost versions 11.3.x
Mattermost versions 11.3.x
GROWI OpenAI thread/message API endpoints do not perform authorization. Affected are v7.4.5 and earlier versions. A logged-in user who knows a shared AI assistant’s identifier may view and/or tamper the other user’s threads/messages. More...
Mattermost versions 11.3.x
Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03