EUVD-2026-10941

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-10942

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-10944

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-10940

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-10903

Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-15384)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

CVE-2025-70082

An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...

KLA90933 ACE vulnerability in Microsoft Browser

Memory safety vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories CVE-2026-3537 Exploitation Related products Microsoft-Edge CVE list CVE-2026-3537 critical Solution Install necessary...

CVE-2025-67041

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...

SonicWALL SonicOS Buffer Overflow Vulnerability

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A buffer overflow vulnerability exists in SonicWALL SonicOS. The vulnerability stems from improper API endpoint boundary checking and can be exploited by an attacker to execute arbitrar...

OpenClaw 安全漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code...

Lenovo ThinkPad 安全漏洞

Lenovo ThinkPad is a portable computer by Lenovo Corporation. The Lenovo ThinkPad has a security vulnerability, which stems from improper initialization issues in the BIOS of certain ThinkPads. This vulnerability may allow local privileged users to modify data and execute arbitrary code...

spin.js 安全漏洞

spin.js is a JavaScript library developed by Felix Gnass. Versions of spin.js prior to 3.0.0 contained security vulnerabilities. These vulnerabilities stemmed from prototype pollution and cross-site scripting vulnerabilities in the spin function, which could allow attackers to execute arbitrary...

AlmaLinux 8 : postgresql:15 (ALSA-2026:4059)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4059 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

Jellyfin 安全漏洞

Jellyfin is an open-source free software media system developed by Jellyfin. It allows you to control the management and streaming of media. It serves as a replacement for proprietary products like Emby and Plex, enabling the delivery of media from proprietary servers to end-user devices through...

PT-2026-24746

Name of the Vulnerable Software and Affected Versions Jellyfin versions affected versions not specified Description Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in the jellyfin/jellyfin-ios repository is susceptible to arbitrary code execution through pull...

AlmaLinux 9 : postgresql (ALSA-2026:3730)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3730 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

CVE-2026-27271

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27271

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21362

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...