Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225

Summary IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses diff-8.0.2.tgz which is vulnerable to CVE-2026-24001

Summary IBM Maximo Application Suite - Visual Inspection component uses diff-8.0.2.tgz which is vulnerable to CVE-2026-24001, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24001 DESCRIPTION: jsdiff is a JavaScript text...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz which is vulnerable to CVE-2026-26960

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz which is vulnerable to CVE-2026-26960 This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-26960 DESCRIPTION: node-tar is a full-featured Tar f...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses minimatch-10.1.2.tgz which is vulnerable to CVE-2026-26996

Summary IBM Maximo Application Suite - Visual Inspection component uses minimatch-10.1.2.tgz which is vulnerable to CVE-2026-26996, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses ajv-6.12.6.tgz which is vulnerable to CVE-2025-69873

Summary IBM Maximo Application Suite - Visual Inspection component uses ajv-6.12.6.tgz which is vulnerable to CVE-2025-69873, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-69873 DESCRIPTION: ajv Another JSON Schema Validat...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

CVE-2026-7700

A weakness has been identified in langflow-ai langflow up to 1.8.4. This affects the function eval of the file src/lfx/src/lfx/components/llmoperations/lambdafilter.p of the component LambdaFilterComponent. Executing a manipulation can lead to code injection. The attack may be performed from...

SUSE CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

PT-2026-38162

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An integer overflow in the Network component allows a remote attacker who has compromised the renderer process to bypass the same origin policy a security mechanism that restricts how a...

PT-2026-38153

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A race condition in the Speech component allows a remote attacker who has already compromised the renderer process to obtain potentially sensitive information from process memory by usi...

PT-2026-38140

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after their release in the Audio component, which could allow remote attackers to execute...

PT-2026-38178

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in the GPU component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use after...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google to provide web browsing, application running and internet communication features. Google Chrome suffers from an integer overflow vulnerability that stems from the Network component failing to properly handle certain data, which can be exploited b...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation in the Omnibox component, which could allow remote attackers to injec...

PT-2026-37038

Name of the Vulnerable Software and Affected Versions IObit Advanced SystemCare 19 Description A security flaw in the Service component's "ASC.exe" file allows for symlink following. A symbolic link symlink is a type of file that points to another file or directory. This issue requires local acce...

PT-2026-38183

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in the Updater component on Windows allows a local attacker to achieve OS-level privilege escalation by using a malicious file. Recommendation...