SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260401-0 >
=======================================================================
              title: Broken Access Control
            product: Open WebUI
 vulnerable version: <v0.8.11
      fixed version: v0.8.11
         CVE number: CVE-2026-34222
             impact: high
           homepage: https://openwebui.com
              found: 2026-02-06...

SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260326-0 >
=======================================================================
              title: Local Privilege Escalation
            product: Vienna Assistant (MacOS) - Vienna Symphonic Library
 vulnerable version: 1.2.542
      fixed version: -
         CVE number: CVE-2026-24068
             impact: high
           homepage: https://www.vsl.co.at/
                     ...

Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility

Posted by Joseph Goydish II via Fulldisclosure on Apr 02

SUMMARY

Apple's Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes
traffic through 14 third-party endpoints across six countries. These include
an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint
(Yandex), and a Swiss GmbH whose privacy policy names "The Legal Entity to
be Confirmed" as its data controller. None of this is disclosed to users.

This is shared infrastructure. All devices using Live...

[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability

Posted by Egidio Romano on Apr 02

---------------------------------------------------------------------------
MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://www.metinfo.cn

[-] Affected Versions:

Versions 7.9, 8.0, and 8.1.

[-] Vulnerability Description:

The vulnerable code is located in the...

[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability

Posted by cyber security on Apr 02

A vulnerability was identified in OWASP CRS where whitespace padding
in filenames can bypass file upload extension checks, allowing uploads
of dangerous files such as .php, .phar, .jsp, and .jspx. This issue
has been assigned CVE‑2026‑33691.

Impact: Attackers may evade CRS protections and upload web shells
disguised with whitespace‑padded extensions. Exploitation is most
practical on Windows backends that normalize whitespace in filenames...

APPLE-SA-03-24-2026-10 Xcode 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-10 Xcode 26.4

Xcode 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126801.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

otool
Available for: macOS Tahoe 26.2 and later
Impact: An app may be able to cause unexpected system termination
Description: An...

APPLE-SA-03-24-2026-9 Safari 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-9 Safari 26.4

Safari 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126800.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Sonoma and macOS Sequoia
Impact: Processing maliciously crafted web content may prevent Content
Security...

APPLE-SA-03-24-2026-8 visionOS 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-8 visionOS 26.4

visionOS 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126799.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: Apple Vision Pro (all models)
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-7 watchOS 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-7 watchOS 26.4

watchOS 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126798.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: Apple Watch Series 6 and later
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-6 tvOS 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-6 tvOS 26.4

tvOS 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126797.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5

macOS Sonoma 14.8.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126796.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: macOS Sonoma
Impact: An attacker in a privileged network position may be able to
intercept network...

APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5

macOS Sequoia 15.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126795.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: macOS Sequoia
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-3 macOS Tahoe 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-3 macOS Tahoe 26.4

macOS Tahoe 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126794.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: macOS Tahoe
Impact: An attacker in a privileged network position may be able to
intercept network...

APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7

iOS 18.7.7 and iPadOS 18.7.7 address the following issues.
Information about the security content is also available at
https://support.apple.com/126793.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation
Impact: An attacker in...

APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4

iOS 26.4 and iPadOS 26.4 address the following issues.
Information about the security content is also available at
https://support.apple.com/126792.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st...

[KIS-2026-05] MailEnable <= 10.54 Multiple Reflected Cross-Site Scripting Vulnerabilities

Posted by Egidio Romano on Mar 28

---------------------------------------------------------------------------
MailEnable <= 10.54 Multiple Reflected Cross-Site Scripting Vulnerabilities
---------------------------------------------------------------------------

[-] Software Link:

https://www.mailenable.com

[-] Affected Versions:

Version 10.54 and prior versions.

[-] Vulnerabilities Description:

1) Vulnerable code in ManageShares.aspx

User input passed through the...

OpenClaw MEDIA: Protocol Prompt Injection - File Disclosure Bypassing Tool Permissions (Silently Fixed, Report Denied)

Posted by Guang Gong on Mar 28

OpenClaw MEDIA: Protocol Prompt Injection - File Disclosure Bypassing Tool
Permissions
======================================================================================

OVERVIEW
--------
A file disclosure vulnerability in OpenClaw (AI personal assistant platform)
allows any group chat member (Discord/Telegram/WhatsApp) to exfiltrate local
files - including LLM provider API keys, conversation history, and system
prompts - via the...

Dovecot Security Advisory OXDC-2026-0001

Posted by Aki Tuomi on Mar 28

Dear subscribers,

We're sharing our latest advisory with you and would like to thank everyone who contributed to finding and solving these
vulnerabilities. This advisory is also published at
https://documentation.open-xchange.com/dovecot/security/advisories/html/2026/oxdc-adv-2026-0001.html

---

Classification: TLP:GREEN

Internal reference: DOV-7830
Type: CWE-1250 (Improper Preservation of Consistency Between Independent Representations of...

CVE-2026-33150, CVE-2026-33179: libfuse io_uring memory safety vulnerabilities (use-after-free, NULL deref)

Posted by Abhinav Agarwal on Mar 28

Two memory safety vulnerabilities in libfuse's io_uring code path
(introduced in 3.18.0) have been fixed in libfuse 3.18.2. Only the
io_uring transport is affected; the traditional /dev/fuse path is not.

Affected versions: libfuse >= 3.18.0, < 3.18.2
Fixed in: libfuse 3.18.2
https://github.com/libfuse/libfuse/releases/tag/fuse-3.18.2

CVE-2026-33150: Use-After-Free
Severity: High (CVSS 7.8)
CWE: CWE-416

Use-after-free in io_uring...

snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

Posted by Qualys Security Advisory via Fulldisclosure on Mar 19

Qualys Security Advisory

Good things come to those who wait:
snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

========================================================================
Contents
========================================================================

Summary
Case study: Ubuntu Desktop 24.04
- Analysis
- Exploitation
Case study: Ubuntu Desktop 25.10
- Overview
- Exploitation
A quick note on the uutils coreutils (the...