CVE-2026-53173

CVE-2026-53173 describes a Linux kernel vulnerability in accel/ethosu where an OOB write can occur in ethosu_gem_cmdstream_copy_and_validate(). The root cause is a loop that increments the index a second time when a 64-bit command word is encountered (bit 14 set) but does not re-check the bound b...

CVE-2026-56117

CVE-2026-56117: dhcpcd up to version 10.3.2 contains a local heap use-after-free in the control socket handling (src/control.c). The root cause is that control_recvdata() can free the client object while a subsequent READ+HANGUP event reaches control_hangup() with a stale pointer, enabling memory...

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

EUVD-2026-36735

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

EUVD-2025-210135

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.76...

EUVD-2025-210122

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.68...

EUVD-2025-210127

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast...

PT-2026-49048

Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.76 Description A heap buffer out-of-bounds read occurs in the antivirus engine when scanning a malformed PDF file. This issue may lead to local execution of code or a denial-of-service of the engine...

CVE-2026-48103

7-Zip versions 9.34–26.00 contain an off-by-one heap out-of-bounds read in the WIM archive handler (WIM security descriptor lookup). In WimHandler.GetSecurity, the per-image SecurOffsets table holds numEntries+1 offsets, and securityId == numEntries is allowed, causing reads at SecurOffsets[secur...

PT-2026-44983

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.26.0 Description The RDPEAR NDR parser in FreeRDP accepts a single non-null NDR pointer ref-id for multiple logical pointer fields without tracking the expected NDR type or ownership of the pointed object. If the sa...

SUSE CVE-2026-41401

libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...

Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2026-1714)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1714 advisory. When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of ra...

Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

...

Heap-based Buffer Overflow

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

CVE-2026-3593 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

CVE-2026-3593 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

Astra Linux - уязвимость в nasm

In Netwide Assembler NASM 2.15rc10, there is a memory corruption issue related to heap use-after-free in the saawbytes function in nasmlib/saa.c...

dnsmasq: extract_addresses() OOB read via malformed rdlen

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNS response processing. The extractaddresses function trusts the declared record data length rdlen without verifying that a subsequent call to extractname stays within the record boundary. A crafted DNS response with a mismatche...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the MSL decoder. An attacker can cause a denial of service by submitting a specially crafted MSL image that triggers a heap use-after-free condition. Remediation A fix was pushed into the master branch but not yet...

JLSEC-2026-508

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...