PT-2026-50984

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to provide crafted video frame pixels that overlap with internal encoder layer...

CGA-VGPQ-XPP4-4J5V

Bulletin has no description...

GO-2026-5062 Lack of limit on tile sizes in x/image/tiff in golang.org/x/image

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

GO-2026-5061 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

Malicious code in clx-cookie-signature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0e91601d276764067b1b209efd17a1f59ef03ff4fc814bcb22c495f4a0f9b3 Package impersonates the popular cookie-signature library copying its README, author field 'TJ Holowaychuk ', and sign/unsign API, but index.js adds ...

MINI-GCCG-J4M6-Q6Q8

Bulletin has no description...

MINI-FFXM-53GJ-7FJ8

Bulletin has no description...

MINI-3J4Q-6399-W2VJ

Bulletin has no description...

MINI-QV8G-W4FH-GCW6

Bulletin has no description...

MINI-CFRM-3MMP-VWW9

Bulletin has no description...

MINI-66FW-HHCR-C3H3

Bulletin has no description...

MINI-MXXH-J2PP-8VGH

Bulletin has no description...

MINI-85W5-HJ2C-F94G

Bulletin has no description...

MINI-XX9F-G688-P765

Bulletin has no description...

MINI-96R5-MWW4-57FV

Bulletin has no description...

MINI-CR4R-JQ7Q-4943

Bulletin has no description...

MINI-J22C-6PVF-8M59

Bulletin has no description...

MINI-9CR2-8775-HV84

Bulletin has no description...

MINI-W25G-4M2Q-QP8G

Bulletin has no description...

MINI-56V4-589W-QFJX

Bulletin has no description...