RLSA-2026:4629 Important: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 For more details about the security issues, including the...

libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

EUVD-2026-12538

A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...

Canva Affinity 安全漏洞

Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to disclose sensitive information when using specially crafted EMF files...

Canva Affinity EMF File EMR_POLYPOLYLINE Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2325 Canva Affinity EMF File EMRPOLYPOLYLINE Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2026-22882 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Canva Affinity EMF File EMR_HEADER offDescription Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2299 Canva Affinity EMF File EMRHEADER offDescription Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-61979 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF fil...

Canva Affinity EMF File EMR_POLYBEZIER16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2316 Canva Affinity EMF File EMRPOLYBEZIER16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-47873 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Canva Affinity EMF File EMR_POLYBEZIERTO Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2318 Canva Affinity EMF File EMRPOLYBEZIERTO Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66503 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Canva Affinity EMF File EMR_STRETCHBLT offBmiSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2312 Canva Affinity EMF File EMRSTRETCHBLT offBmiSrc Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64735 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

Canva Affinity EMF File EMR_HEADER nDescription Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2298 Canva Affinity EMF File EMRHEADER nDescription Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-62500 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file,...

Uncaught Exception

Overview github.com/buger/jsonparser is an Alternative JSON parser for Go. Affected versions of this package are vulnerable to Uncaught Exception via the Delete function when processing malformed JSON input. An attacker can cause a runtime panic and disrupt service availability by submitting...

Important: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

EUVD-2026-12113

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

Malicious code in n8n-nodes-format-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b8b8fc0a97b9f9e3203a35534d7ff6518dbe0e53753093610315382e5f40b0e The package n8n-nodes-format-utils was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview n8n-nodes-format-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

MAL-2026-1469 Malicious code in n8n-nodes-format-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b8b8fc0a97b9f9e3203a35534d7ff6518dbe0e53753093610315382e5f40b0e The package n8n-nodes-format-utils was found to contain malicious code. Source: ghsa-malware...

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

CVE-2026-2920

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2026-2920

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2026-2920

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...