vulns

---

Vulnerability Notes

• CVE-2026-32729 - Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp`
• CVE-2026-3227 - Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N
• CVE-2026-32616 - Pigeon has a Host Header Injection in email verification flow
• CVE-2026-32627 - cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy
• CVE-2025-15060 - claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability
• CVE-2026-3083 - GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability
• CVE-2026-3085 - GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability
• CVE-2026-3838 - Unraid Update Request Path Traversal Remote Code Execution Vulnerability
• CVE-2026-3561 - Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability
• CVE-2026-3560 - Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability
• CVE-2026-3559 - Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability
• CVE-2026-3558 - Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability
• CVE-2026-3557 - Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
• CVE-2026-3556 - Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability
• CVE-2026-3555 - Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability
• CVE-2026-32621 - Apollo Federation has prototype pollution via incomplete key sanitization
• CVE-2026-32626 - AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection
• CVE-2026-32600 - xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption
• CVE-2026-3999 - Broken access control vulnerability affecting ID Server
• CVE-2026-3909 - Google Skia Out-of-Bounds Write Vulnerability - [Actively Exploited]
• CVE-2026-32746 - GNU inetutils telnetd LINEMODE SLC Buffer Overflow
• CVE-2026-32459 - WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability