RockyLinux 8 : libreoffice (RLSA-2026:28922)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28922 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

CVE-2026-9750

An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain...

CVE-2026-49235 Routinator crashes on specifically crafted RRDP XML files

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

USN-8340-1: LibreOffice vulnerability

Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use this issue to cause LibreOffice to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2026-48735 pypdf: Manipulated XMP metadata streams can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

UBUNTU-CVE-2026-9100

The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection may cause any application that reads those files via the legacy API to either crash via a division-by-zero or silently leak process memo...

Astra Linux - уязвимость в pypdf2

pypdf is a pure-Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who exploits this vulnerability can create a PDF that results in unexpected long execution times. This quadratic execution time blocks the current process and can even...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the libreoffice process when uploaded files containing external references are passed directly for conversion without content inspection. An attacker can cause the server to make arbitrary outbound HT...

Linux Distros Unpatched Vulnerability : CVE-2026-4430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue...

PT-2026-38345

Name of the Vulnerable Software and Affected Versions LibreOffice versions 26.2 through 26.2.2 LibreOffice versions 25.8 through 25.8.6 Description An out-of-bounds write occurs when processing crafted OOXML documents that contain mismatched encryption salt parameters. An out-of-bounds write is a...

FreeBSD : (lib)expat -- Insufficient entropy (88440f1d-4168-11f1-95f7-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 88440f1d-4168-11f1-95f7-00a098b42aeb advisory. https://github.com/libexpat/libexpat/pull/1183 reports: libexpat before 2.8.0 uses insufficient entropy...

Linux Distros Unpatched Vulnerability : CVE-2026-41168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to...

libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.

...

CVE-2026-41080

libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...

(lib)expat -- Insufficient entropy

https://github.com/libexpat/libexpat/pull/1183 reports: libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in ExtractEmbeddedFiles. An attacker can write files to arbitrary locations outside the intended directory by crafting malicious PDF files that exploit improper handling of file path separators. Note: This issue...

JLSEC-2026-80

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

Integer Overflow or Wraparound

Overview PyMuPDF is an A high performance Python library for data extraction, analysis, conversion & manipulation of PDF and other documents. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the pdfloadimageimp function. An attacker can achieve arbitrary code...