CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

EUVD-2026-16340

A flaw was found in GIMP's PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...

UBUNTU-CVE-2026-4887

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

PT-2026-28086

Name of the Vulnerable Software and Affected Versions LibTIFF affected versions not specified Description A specially designed TIFF file can trigger an out-of-memory error or excessive resource usage during image decoding. The issue arises from the image decoding process attempting to allocate up...

DEBIAN-CVE-2026-33298

llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...

PT-2026-27272

Name of the Vulnerable Software and Affected Versions llama.cpp versions prior to b7824 Description The software is susceptible to an integer overflow in the ggml nbytes function. This allows an attacker to bypass memory validation by creating a specially crafted GGUF file with specific tensor...

(lib)tiff -- Integer Overflow or Wraparound

PrymEvol and Quang Luong reports: A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrec...

CVE-2026-30007

XnSoft NConvert 7.230 is affected by CVE-2026-30007: a Use-After-Free in processing crafted TIFF files. According to the provided metrics, the impact is Availability: High; Confidentiality/Integrity: None; Attack vector: Local; Privileges required: None; User interaction: None; Base score 6.2 (Me...

PT-2026-27144

Name of the Vulnerable Software and Affected Versions cgltf versions prior to 1.15 Description cgltf versions prior to 1.15 contain an integer overflow issue in the cgltf validate function when validating sparse accessors. This allows attackers to trigger out-of-bounds reads by providing speciall...

CVE-2026-30006

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

CVE-2026-33243 barebox: FIT Signature Verification Bypass Vulnerability

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a FIT signature verification vulnerability to trick the bootloader into booting different images than those that were verified as part of a...

Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-012 (ALASGIMP-2026-012)

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-012 advisory. GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote...

CVE-2025-65119

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

CVE-2026-2921 GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability

GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending o...

[SECURITY] Fedora 42 Update: libmaxminddb-1.13.1-1.fc42

The libmaxminddb library provides a C library for reading MaxMind DB files, including the GeoIP2 databases from MaxMind. This is a custom binary format designed to facilitate fast lookups of IP addresses while allowing for great flexibility in the type of data associated with an address. The...

GStreamer 输入验证错误漏洞

GStreamer is an open-source framework for processing streaming media. GStreamer has a vulnerability related to input validation, which stems from a lack of verification of the data provided by users when handling palette data in AVI files. This vulnerability may lead to integer overflow and remot...

CVE-2025-70330

Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handling of proprietary .EGP gradebook files. By modifying specific fields at precise offsets within an otherwise valid .EGP file, an attacker can trigger an out-of-bounds memory read during parsing. This results in an unhandled...

CVE-2026-28795

OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and visualize data through natural language conversations. Prior to version 0.2.2, the savereport tool in openchatbi/tool/savereport.py suffers from a critical path traversal...

Path Traversal

OpenChatBI is vulnerable to Path Traversal. The vulnerability is due to insufficient input sanitization of the fileformat parameter in the savereport tool, allowing attackers to manipulate file paths and potentially write files outside the intended directory...