CVE-2026-26830

pdf-image npm package through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format to interpolate user-controlled file paths into shell command strings that are executed via childprocess.e...

CVE-2026-4775

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

[SECURITY] Fedora 43 Update: giflib-5.2.2-9.fc43

giflib is a library for reading and writing gif images...

ROS-20260319-73-0001

A vulnerability in the Gimp image processing library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Important: firefox

Issue Overview: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and...

OPENSUSE-SU-2026:20391-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.8.1 ESR Add mail.openpgp.loaduntestedgpgmeversion to load untested GPGME version - Mozilla Thunderbird 140.8.0 ESR MFSA 2026-17 boo1258568 CVE-2026-2757 bmo2001637 Incorrect...

libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 140.8 MFSA 2026-17 bsc1258568: CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component CVE-2026-2758: Use-after-free in the JavaScript: GC component CVE-2026-2759: Incorrect boundary...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...

DEBIAN-CVE-2026-28691

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

firefox: thunderbird: Incorrect boundary conditions in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: ImageLib component...

Stack-based Buffer Overflow

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...

firefox: thunderbird: Incorrect boundary conditions in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: ImageLib component...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...

firefox: thunderbird: Incorrect boundary conditions in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: ImageLib component...