Advisories

Vaultwarden
- CVE-2026-43914 ‒ Brute-Force Protection Bypass in Vaultwarden via Email 2FA Endpoint
  
  Vaultwarden is a Bitwarden-compatible server written in Rust. In versions prior to 1.35.4, the login brute-force protection can be bypassed when email 2FA is enabled on the instance. The unprotected `send_email_login` endpoint acts as an oracle for valid username-password combinations, allowing an attacker to brute-force passwords without rate-limiting. This affects all users on the instance, even those who have not configured email 2FA themselves.
  
  Reported by: Robert
  
  May 20, 2026
Taiga
- CVE-2026-41250 ‒ Cross-Site-Scripting (XSS) in Taiga
  
  Taiga is an open-source project management tool. In taiga-front versions up to 6.9.0, the `textToHTML` function insufficiently sanitizes user-controlled input, allowing injection of JavaScript event attributes via permitted HTML tags. This can be exploited to steal session tokens from local storage. The issue has been fixed in version 6.9.1.
  
  Reported by: Robert
  
  May 6, 2026
Acronis Device Lock
- CVE-2026-41220 ‒ Out of bounds write in Acronis Device Lock Kernel Driver
  
  The DeviceLockDllDrv0.sys kernel driver shipped with Acronis Device Lock allows an unprivileged user to write to an arbitrary kernel address potentially leading to LPE.
  
  Reported by: Kolja
  
  May 6, 2026
Gitea
- CVE-2026-28705 ‒ Arbitrary File Write via Path Traversal in Gitea dump-repo Command
  
  Gitea is an open-source self-hosted Git service. In versions prior to 1.25.5, the `dump-repo` CLI command is vulnerable to a path traversal attack allowing arbitrary file writes with attacker-controlled content.
  
  Reported by: Robert
  
  May 6, 2026
HP DeskJet 2855e
- CVE-2026-4682 ‒ HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow RCE
  
  A stack buffer overflow vulnerability in SOAP request handling on the JobStatusEvent endpoint allows remote code execution.
  
  Reported by: Alain, Felipe
  
  Apr 17, 2026
Canon imageCLASS MF654Cdw
- CVE-2025-14237 ‒ Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow RCE
  
  An integer overflow in the TTF parser leads to a heap under allocation, resulting in remote code execution.
  
  Reported by: Alain, Florian
  
  Apr 15, 2026
PDF-XChange Editor
- CVE-2026-2040 ‒ PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
  
  The TrackerUpdate process loads libraries from an unsecured location, leading to privilege escalation.
  
  Reported by: Kolja
  
  Mar 23, 2026
Wazuh
- CVE-2025-59938 ‒ Heap Buffer Overflow in wazuh-analysisd
  
  Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions >=3.8.0 through <4.11.0, wazuh-analysisd is vulnerable to a heap buffer overflow when parsing XML elements from Windows EventChannel messages.
  
  Reported by: Konstantin
  
  Sep 26, 2025

Newer advisories

1 / 3

Disclosure Policy

We take responsible disclosure seriously.

We adhere to an industry-standard 90+30 disclosure policy. This means once we notify the vendor about a security vulnerability, they have 90 days to create a patch and make it available for users. Neodyme will publicly disclose vulnerability details 30 days after the patch has been made available to users. If the vendor does not patch an issue within the initial 90 days, Neodyme reserves the right to publicize details of the vulnerability at the end of the 90-day period. However, the vendor has the option to receive an additional 14 day grace period to release a patch upon request. In such a case, Neodyme will publicize vulnerability details 120 days after the initial disclosure. This policy is inspired by the Google Project Zero disclosure policy.

Vaultwarden

Taiga

Acronis Device Lock

Gitea

HP DeskJet 2855e

Canon imageCLASS MF654Cdw

PDF-XChange Editor

Wazuh

Disclosure Policy