CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted media fil...

CVE-2026-20616

CVE-2026-20616: An out-of-bounds write issue affecting USD file processing was mitigated by improved bounds checking. It is fixed in iOS 18.7.5 / iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, and visionOS 26.3. Exploitation could cause unexpected app termination. This CVE, tied to multipl...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20611

CoreAudio in Apple platforms is affected by CVE-2026-20611, an out-of-bounds access issue that can cause an app to terminate or memory corruption when processing a malicious media file. Affected products/versions include iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...

PT-2026-7750

Name of the Vulnerable Software and Affected Versions macOS Tahoe versions prior to 26.3 macOS Sonoma versions prior to 14.8.4 macOS Sequoia versions prior to 15.7.4 watchOS versions prior to 26.3 tvOS versions prior to 26.3 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 visionOS...

About the security content of macOS Sequoia 15.7.4

About the security content of macOS Sequoia 15.7.4 This document describes the security content of macOS Sequoia 15.7.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

PT-2026-7754

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 macOS Sonoma versions prior to 14.8.4 macOS Tahoe versions prior to 26.3 visionOS versions prior to 26.3 Description An out-of-bounds write issue exists due to insufficient bounds...

CVE-2026-1849

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

AMD EPYC 9005 Series 安全漏洞

The AMD EPYC 9005 Series is a series of processors developed by American semiconductor company AMD. The AMD EPYC 9005 Series contains security vulnerabilities, which stem from improper bounds checking. These vulnerabilities may lead to writes to host memory and loss of integrity...

Oracle Linux 10 : kernel (ELSA-2026-2282)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2282 advisory. - mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. Davide Caratti RHEL-129044 CVE-2025-40133 - vsock/vmci: Clear the vmci transport packet...

kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters, leading to an out ...

MarkUs 安全漏洞

MarkUs is an open-source Ruby on Rails and React web application used for submitting and grading student assignments. Versions of MarkUs prior to 2.9.1 contained a security vulnerability due to insufficient file path checking, which could allow arbitrary file writing...

MiracleLinux 9 : java-25-openjdk-25.0.2.0.10-1.el9.ML.1 (AXSA:2026-154:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-154:04 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking function return values, potentially leading to null pointer dereferencing...

CLSA-2026-1770115899 java-17-openjdk: Fix of 5 CVEs

Update to jdk-17.0.18+8 GA - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21945: enhance Certificate Checking - CVE-2025-64720: libpng: fix buffer overflow - CVE-2025-65018: libpng: fix heap buffer overflow...

MiracleLinux 8 : java-21-openjdk-21.0.10.0.7-1.el8.ML.1 (AXSA:2026-129:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-129:02 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...