3153 matches found

Tenable Nessus
added 2026/04/29 12:0 a.m. | 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015449 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build...

CVSS 8.8 | AI score 7.4 | EPSS 0.00136
Exploits: 1 | References: 4

OSV
added 2026/04/28 4:55 p.m. | 4 views

CLSA-2026-1777395318 ImageMagick: Fix of 2 CVEs

CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...

CVSS 7.5 | AI score 5.8 | EPSS 0.0002
Exploits: 0 | References: 1

OSV
added 2026/04/28 4:50 p.m. | 2 views

CLSA-2026-1777395036 ImageMagick: Fix of 2 CVEs

CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...

CVSS 7.5 | AI score 5.8 | EPSS 0.0002
Exploits: 0 | References: 1

OSV
added 2026/04/28 4:38 p.m. | 4 views

CLSA-2026-1777394326 ImageMagick: Fix of 2 CVEs

CVE-2026-33900: integer truncation/wraparound in the viff encoder that could trigger an out-of-bounds heap write on 32-bit builds GHSA-v67w-737x-v2c9; upstream b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 - CVE-2026-33905: out-of-bounds read in SampleImage when sample:offset is set via -sample define...

CVSS 7.5 | AI score 5.8 | EPSS 0.0002
Exploits: 0 | References: 1

NVD
added 2026/04/28 7:16 a.m. | 1 views

CVE-2026-5306

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

CVSS 5.4 | EPSS 0.00079
Exploits: 0 | References: 1

Vulnrichment
added 2026/04/28 6:0 a.m. | 3 views

CVE-2026-5306 Check & Log Email < 2.0.13 - Unauthenticated Stored XSS

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

AI score 5.1 | EPSS 0.00079
Exploits: 0 | References: 1

EUVD
added 2026/04/28 6:0 a.m. | 0 views

EUVD-2026-25995

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

CVSS 5.4 | AI score 5.2 | EPSS 0.00079
Exploits: 0 | References: 1

CVE
added 2026/04/28 6:0 a.m. | 5 views

CVE-2026-5306

CVE-2026-5306: The WordPress plugin “Check & Log Email” is affected by a stored XSS in versions prior to 2.0.13 due to improper email replacement handling when the email encoder setting is enabled. This allows unauthenticated users to inject scripts via email content. Affected software: Check & ...

CVSS 5.4 | AI score 5.2 | EPSS 0.00079
Exploits: 0 | References: 1

Cvelist
added 2026/04/28 6:0 a.m. | 23 views

CVE-2026-5306 Check & Log Email < 2.0.13 - Unauthenticated Stored XSS

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

EPSS 0.00079
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/28 12:0 a.m. | 0 views

PT-2026-35668

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...

AI score 5.1 | EPSS 0.00079
Exploits: 0 | References: 2

OSV
added 2026/04/27 8:55 p.m. | 3 views

CLSA-2026-1777323301 Fix CVE(s): CVE-2026-33900, CVE-2026-33905

SECURITY UPDATE: out-of-bounds heap write in VIFF encoder due to integer truncation on 32-bit builds - debian/patches/CVE-2026-33900.patch: add overflow check in WriteVIFFImage to reject packets values that truncate when cast to size_t, preventing a heap write beyond the allocated buffer -...

CVSS 7.5 | AI score 5.9 | EPSS 0.0002
Exploits: 0 | References: 1

Packet Storm News
added 2026/04/27 12:0 a.m. | 2 views

A Systematic Literature Review for Transformer-Based Software Vulnerability Detection

Context: Software vulnerabilities pose significant security threats to software systems, especially as software is increasingly used across many areas of daily life, including health, government, and finance. Recently, transformer-based models have demonstrated promising results in automatic...

AI score 5.5
Exploits: 0

OSV
added 2026/04/25 8:43 a.m. | 4 views

CLSA-2026-1777047310 ImageMagick: Fix of 5 CVEs

CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit...

CVSS 7.5 | AI score 6 | EPSS 0.0002
Exploits: 0 | References: 1

Fedora
added 2026/04/25 1:53 a.m. | 3 views

[SECURITY] Fedora 44 Update: libcgif-0.5.3-1.fc44

A fast and lightweight GIF encoder that can create GIF animations and images. Summary of the main features: - user-defined global or local color-palette with up to 256 colors limit of the GIF format - size-optimizations for GIF animations: - option to set a pixel to transparent if it has identica...

CVSS 5.3 | AI score 4.8 | EPSS 0.00017
Exploits: 0

SUSE CVE
added 2026/04/25 1:38 a.m. | 2 views

SUSE CVE-2026-31584

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fops_vcodec_release function frees the context structure ctx without first cancelling any pending or running work in ctx->encode_work. This creates a race window...

CVSS 7.8 | AI score 5.7 | EPSS 0.00015
Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/25 12:0 a.m. | 3 views

SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2026:1596-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1596-1 advisory. - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154). - CVE-2026-33900: Denial of Service via integer truncati...

CVSS 7.5 | AI score 5.6 | EPSS 0.0002
Exploits: 0 | References: 19

Tenable Nessus
added 2026/04/25 12:0 a.m. | 4 views

SUSE SLES15 Security Update : ImageMagick (SUSE-SU-2026:1597-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1597-1 advisory. - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154). - CVE-2026-33900: Denial of Service via...

CVSS 7.5 | AI score 5.9 | EPSS 0.0002
Exploits: 0 | References: 34

Tenable Nessus
added 2026/04/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: fix use-after-free in encoder release path The fops_vcodec_release function frees the context structure ctx without first cancelling any...

CVSS 7.8 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 2

OSV
added 2026/04/24 10:42 p.m. | 4 views

CLSA-2026-1777070517 Fix CVE(s): CVE-2026-33900, CVE-2026-33905

SECURITY UPDATE: integer truncation in VIFF encoder leading to out-of-bounds heap write - debian/patches/CVE-2026-33900.patch: add truncation check before AcquireVirtualMemory call in WriteVIFFImage in coders/viff.c - CVE-2026-33900 SECURITY UPDATE: out-of-bounds read in SampleImage via...

CVSS 7.5 | AI score 5.8 | EPSS 0.0002
Exploits: 0 | References: 1

OSV
added 2026/04/24 3:30 p.m. | 4 views

CLSA-2026-1777044608 ImageMagick: Fix of 5 CVEs

CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit...

CVSS 7.5 | AI score 6 | EPSS 0.0002
Exploits: 0 | References: 1