PT-2026-48269

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2023.19 and earlier ColdFusion versions 2025.8 and earlier Description An incorrect authorization flaw allows a high-privileged attacker to achieve arbitrary code execution in the context of the current user. This issue...

X.Org Server CheckSetGeom Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

PT-2026-48344

Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell metacharacters into the 'dir' POST parameter, completely bypassing the TERMINAL COMMANDS whitelist and achieving full Remote Code Executio...

CVE-2026-30141

An issue was discovered in bitbank2 AnimatedGIF v2.2.0. A buffer overflow in the DecodeLZW function allows remote attackers to cause a denial of service crash or potentially execute arbitrary code via a crafted GIF file...

RockyLinux 8 : samba (RLSA-2026:22644)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22644 advisory. samba: group policy certificate enrollment uses http:// without validation CVE-2026-3012 samba: Samba: Remote Code Execution in printing subsystem via...

Linux Distros Unpatched Vulnerability : CVE-2026-11632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute...

PT-2026-48246

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the font handling component, which could lead to arbitrary code execution in the context of the current user. This occurs when a victim open...

PT-2026-48223

Name of the Vulnerable Software and Affected Versions Dreamweaver Desktop versions 21.7 and earlier Description A dependency on a vulnerable third-party component allows for arbitrary code execution in the context of the current user. This issue requires user interaction, specifically the opening...

PT-2026-48237

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

CVE-2026-36723

An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem. This enables unauthorized access to...

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

PT-2026-48251

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the AcroForm component, which could lead to arbitrary code execution in the context of the current user. This occurs when a victim opens a...

PT-2026-48102

Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A heap-based buffer overflow allows an unauthorized attacker to execute arbitrary code over a network, which can affect the system. A heap-based buffer overflow occurs when an...

PT-2026-47932

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An integer underflow wrap or wraparound occurs in Microsoft Office Excel, which could allow an unauthorized attacker to execute code locally. Recommendations At the moment, the...

PT-2026-47862

Name of the Vulnerable Software and Affected Versions Nuance PowerScribe affected versions not specified Description Deserialization of untrusted data allows an unauthorized attacker to execute code over a network. Deserialization is the process of converting a data stream back into an object,...

PT-2026-48221

Name of the Vulnerable Software and Affected Versions Substance3D Sampler versions 6.0.0 and earlier Description An out-of-bounds write occurs when the software processes a malicious file. This issue can lead to arbitrary code execution within the context of the current user and requires user...

NVIDIA Transformers4Rec Model.load Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Transformers4Rec. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PT-2026-47968

Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Description An untrusted pointer dereference allows an unauthorized attacker to execute code locally. Although the impact is remote, the payload executes on the local machine. Recommendatio...

PT-2026-47941

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description An improper limitation of a pathname to a restricted directory, known as path traversal, allows an authorized attacker to execute arbitrary code over a network...

PT-2026-47956

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An integer underflow wrap or wraparound occurs in Microsoft Office Excel, which allows an unauthorized attacker to execute arbitrary code locally or remotely, potentially...