KLA90942 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds write vulnerability in Skia can be exploited to cause denial of service. 2. Inappropria...

CLSA-2026-1773505564 vim: Fix of CVE-2026-26269

CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the handling of coordinates due to insufficient validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can achieve arbitrary code execution by enticing a use...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the processing of APS units due to insufficient validation of user-supplied data. An attacker can achieve arbitrary code execution by providing crafted input that triggers a write past the end of an allocated buff...

EUVD-2026-12037

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

EUVD-2026-12039

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

EUVD-2026-12041

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

EUVD-2026-12177

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The ImportedPlugin.importCommunityItemFromUrl function in server/utils/agents/imported.js downloads a ZIP file from a community hub URL and extracts i...

CVE-2026-32719

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The ImportedPlugin.importCommunityItemFromUrl function in server/utils/agents/imported.js downloads a ZIP file from a community hub URL and extracts i...

Unsafe Dependency Resolution

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic plugin discovery in .openclaw/extensions/. An attacker can execute arbitrary code by including a malicious plugin in a cloned repository,...

GHSA-99QW-6MR3-36QR OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories

Summary OpenClaw automatically discovered and loaded plugins from .openclaw/extensions/ inside the current workspace without an explicit trust or install step. A malicious repository could include a crafted workspace plugin that executed as soon as a user ran OpenClaw from that cloned directory...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the RealMedia Demuxer in gst-plugins-ugly. An attacker can achieve arbitrary code execution by enticing a user to open a specially crafted RealMedia file, resulting in an out-of-bounds write during the processing ...

CVE-2026-3562

The CVE-2026-3562 entry concerns Philips Hue Bridge hk_hap with an Ed25519 signature verification bug in ed25519_sign_open. The issue allows network-adjacent attackers to bypass authentication and execute arbitrary code on affected installations without authentication. Root cause is improper veri...

CVE-2026-3562

Philips Hue Bridge hkhap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

CVE-2026-0957

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

EUVD-2026-11718

Locutus vulnerable to RCE via unsanitized input in createfunction...

CVE-2026-0956 Out-Of-Bounds Read in Digilent DASYLab

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

CVE-2026-0955

There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

CVE-2026-0957 Out-Of-Bounds Write in Digilent DASYLab

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

CVE-2026-0954

CVE-2026-0954 describes a memory corruption vulnerability in Digilent DASYLab: an out-of-bounds write when loading a corrupted .DSB file. The issue can lead to information disclosure or arbitrary code execution and requires a user to open a specially crafted DSB file. The advisory states it affec...