CVE-2026-27821: Critical Stack Overflow in GPAC NHML Parser Opens Door to Remote Crashes and Possible Code Execution Vulnerabilities AegironMarch 2, 2026March 2, 20269 mins0 GPAC NHML Parser Stack Buffer Overflow Overview A stack-based buffer overflow vulnerability was identified in the NHML…continue reading..
CVE-2026-27804: Critical Parse Server Flaw Lets Hackers Bypass Google Login Using “alg: none” JWT Trick Vulnerabilities AegironMarch 2, 2026March 2, 202610 mins0 CVE Information CVE ID: CVE-2026-27804Severity: CriticalCVSS Score: 9.3 (Network exploitable, no authentication required, high impact on confidentiality…continue reading..
CVE-2026-27896: High-Severity JSON Parsing Flaw in MCP Go SDK Opens Door to Protocol Bypass Risks Vulnerabilities AegironMarch 2, 2026March 2, 202610 mins0 CVE-2026-27896 — MCP Go SDK JSON Case-Insensitive Parsing Vulnerability CVE: CVE-2026-27896Name: Go MCP SDK improper handling of…continue reading..
CVE-2026-27952: Agenta Sandbox Flaw Enables Authenticated Users to Achieve Remote Code Execution via NumPy Introspection Vulnerabilities AegironMarch 2, 2026March 2, 202610 mins0 Agenta Sandbox Escape via NumPy Introspection CVE ID: CVE-2026-27952Affected Product: Agenta API (self-hosted deployments)Affected Versions: All versions…continue reading..
Critical libvips Flaws Expose Servers to Remote Exploitation: High-Severity Memory Vulnerabilities (CVE-2026-3283 & CVE-2026-3281) Put Image Processing Systems at Risk Vulnerabilities AegironMarch 2, 2026March 2, 202610 mins0 Product Overview – libvips libvips is a fast and memory-efficient image processing library written in C. It…continue reading..
CVE-2026-28363: Critical OpenClaw safeBins Bypass Enables Approval-Free Command Execution via GNU Option Abuse Vulnerabilities AegironMarch 2, 2026March 2, 20269 mins0 OpenClaw safeBins Allowlist Bypass – Approval-Free Execution CVE ID: CVE-2026-28363Product: OpenClawComponent: tools.exec.safeBinsAffected Versions: All versions prior to…continue reading..
CVE-2026-28372: Critical Flaw in GNU inetutils Telnetd Lets Local Users Escalate to Root Without Authentication Vulnerabilities AegironMarch 2, 2026March 2, 20269 mins0 GNU inetutils telnetd Privilege Escalation Vulnerability Executive Summary A privilege escalation issue was identified in GNU inetutils…continue reading..
CVE-2026-3277: PowerShell Universal Exposes OIDC Client Secret in Cleartext, Enabling Service Impersonation Risks Vulnerabilities AegironMarch 2, 2026March 2, 202610 mins0 CVE-2026-3277 Product: PowerShell UniversalVendor: DevolutionsVulnerability Type: Cleartext Storage of Sensitive InformationCWE: CWE-312CVSS v4.0: 6.8Severity: MediumAttack Vector: Local…continue reading..
Critical Security Alert: Multiple Zero-Day-Style Flaws in n8n Could Allow Full Server Takeover — Immediate Patching Strongly Advised Vulnerabilities AegironMarch 2, 2026March 2, 202611 mins0 Product Overview Product: n8nVendor: n8n GmbHType: Workflow Automation & Integration PlatformCore Technology: Node.js (TypeScript), Express backend, SQLite/PostgreSQL,…continue reading..
CVE-2026-27812: Sub2API Password Reset Flaw Allows Account Takeover via Host Header Manipulation Vulnerabilities AegironMarch 2, 2026March 2, 20269 mins0 Sub2API Password Reset Poisoning via Host Header Manipulation CVE ID: CVE-2026-27812Product: Sub2APIAffected Versions: Versions prior to 0.1.85Fixed…continue reading..
