Notepad++ < 8.9.4 Multiple Vulnerabilities

The version of Notepad++ installed on the remote host is prior to 8.9.4. It is, therefore, affected by multiple vulnerabilities: - A string injection vulnerability exists in the FindInFiles feature. When the nativeLang.xml file's 'find-result-hits' element contains a format string specifier such ...

CVE-2026-37555

An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...

UBUNTU-CVE-2026-37555

An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...

JLSEC-2026-324

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c...

JLSEC-2026-325

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SMdelete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...

JLSEC-2026-298

HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterfletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-292

HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-316

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HGread in H5HG.c called from H5VLnativeblobget in H5VLnativeblob.c, resulting in the corruption of the instruction pointer...

JLSEC-2026-306

HDF5 Library through 1.14.3 may use an uninitialized value in H5Aattrreleasetable in H5Aint.c...

JLSEC-2026-297

HDF5 through 1.14.3 contains a stack buffer overflow in H5Rdecodeheap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-329

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...

JLSEC-2026-319

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Trefmemsetnull in H5Tref.c called from H5Tconvref in H5Tconv.c, resulting in the corruption of the instruction pointer...

JLSEC-2026-315

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Faddrdecodelen in H5Fint.c, resulting in the corruption of the instruction pointer...

JLSEC-2026-293

HDF5 through 1.14.3 contains a heap buffer overflow in H5HGcacheheapdeserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-341

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5Faddrdecodelen of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to...

JLSEC-2026-327

A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5Tbitcopy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...

JLSEC-2026-333

A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5Faddrencodelen of the file src/H5Fint.c. The manipulation of the argument pp leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has...

JLSEC-2026-320

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Dscattermem in H5Dscatgath.c...

JLSEC-2026-303

HDF5 library through 1.14.3 has memory corruption in H5Aclose resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-354

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...