CVE-2026-41721

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

PT-2026-48377

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

ROS-20260610-73-0020

The vulnerability of the Layout component: Texts and fonts in Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...

ROS-20260610-73-0048

The vulnerability of the irpthreadfunc function in the RDP client of FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2026-2294)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing...

PT-2026-48569

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-50 ImageMagick versions prior to 7.1.2-25 Description A missing check for maximum memory request in the AcquireAlignedMemory function can trigger an out-of-memory condition, leading to a denial of service...

PT-2026-48413

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust demangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary...

PT-2026-48468

Summary Stack-based Buffer Overflow vulnerability in Erlang OTP erts inet drv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctp parse error chunk function in erts/emulator/drivers/common/inet drv.c parses SCTP ERROR chunks and writes...

PT-2026-48351

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp secure services.c and esp secure services iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

ROS-20260610-73-0003

The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

FreeBSD : Elixir -- Denial of service via unbounded integer parsing in Version (45accfb8-56e4-41b7-8463-572ce643fde0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 45accfb8-56e4-41b7-8463-572ce643fde0 advisory. PJUllrich reports: The Version module parses numeric version components without length limits. Untruste...

RHEL 7 : firefox (RHSA-2026:24983)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24983 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

PT-2026-48372

A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later...

ROS-20260610-73-0018

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

PT-2026-48545

Name of the Vulnerable Software and Affected Versions russh versions 0.37.0 through 0.60.2 Description In the keyboard-interactive authentication path of the client, a malicious SSH server can send a USERAUTH INFO REQUEST containing an attacker-controlled prompt count. The client uses this raw...

PT-2026-48573

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-25 Description A memory leak occurs when invalid options are provided to the wand option parser. A memory leak is a failure in a program to release discarded memory, causing performance degradation or...

PT-2026-48517

Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...

Linux Distros Unpatched Vulnerability : CVE-2026-9076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When CMS password-based decryption RFC 3211 / PWRI key unwrap processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can...

EulerOS 2.0 SP13 : glib-networking (EulerOS-SA-2026-2289)

According to the versions of the glib-networking package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib-networking. A malicious Transport Layer Security TLS server can exploit an out- of-bounds read and invalid free...

ROS-20260610-73-0044

The vulnerability of the smartcardunpacksetattribcall function in the RDP client FreeRDP is related to the execution of operations outside the buffer in memory, resulting from an incorrect validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary...