PT-2026-7730
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.7.4; macOS versions prior to Sonoma 14.8.4. Description: An authorization issue exists due to improved state management. This could allow an application to access sensitive user data. Recommendations: Update to...
PT-2026-7774
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 26.3; iPadOS versions prior to 26.3. Description: An input validation issue allows a person with physical access to an iOS device to potentially access photos from the lock screen. Recommendations: Update to iOS version 26.3 ...
PT-2026-7747
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Tahoe 26.3; iOS versions prior to 18.7.5; iPadOS versions prior to 18.7.5; visionOS versions prior to 26.3; Safari versions prior to 26.3. Description: The software contains a flaw due to improper state management. Processing...
CVE-2021-26381
Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption...
CVE-2021-26381
CVE-2021-26381 concerns improper system call parameter validation in the Trusted OS (TOS) that could let a malicious driver map/unmap a large number of pages, potentially causing kernel memory corruption. The connected sources describe this as a local, high-privilege issue with impact to memory c...
CVE-2026-21533
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...
Brocade Fabric OS Security Update - Lenovo Support US
No description provided...
PT-2026-7458
Name of the Vulnerable Software and Affected Versions: Trusted OS (affected versions not specified). Description: A flaw exists in the Trusted OS related to improper validation of system call parameters. This could allow a malicious driver to perform numerous mapping or unmapping operations on system...
AMD Athlon™ and AMD Ryzen™ Processor Vulnerabilities – February 2026
CVE Details (refer to Glossary for explanation of terms). Table columns: CVE | CVE Description | CVSS Score | CVSS Attack Vector. CVE-2025-52533: Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data...
Photon OS 4.0: Libtiff PHSA-2026-4.0-0959
An update of the libtiff package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0959. The text itself is copyright (C) VMware, Inc...
Photon OS 4.0: Alsa PHSA-2026-4.0-0958
An update of the alsa package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0958. The text itself is copyright (C) VMware, Inc...
APSB26-23 : Security update available for Adobe DNG SDK
Adobe has released an update for the Adobe DNG Software Development Kit (SDK) for Windows and macOS. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and memory exposure, or application denial-of-service...
CVE-2024-34064 affecting package nodejs24 for versions less than 24.13.0-1
CVE-2024-34064 affecting package nodejs24 for versions less than 24.13.0-1. A patched version of the package is available...
CVE-2025-68160 affecting package edk2 for versions less than 20240524git3e722403cd16-14
CVE-2025-68160 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...
OS Command Injection
clawdbot is vulnerable to an OS command injection. The vulnerability is due to improper escaping and validation of user-supplied input in SSH-related functions, which allows an attacker to inject malicious command strings via the project root path or crafted SSH target arguments, leading to...
Authentication Bypass by Alternate Name
Overview: org.apache.shiro:shiro-core is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Affected versions of this package are vulnerable to Authentication Bypass by Alternate Name while serving static files from...
fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing
A flaw was found in FontForge. This use-after-free vulnerability, occurring during the parsing of SFD (Spline Font Database) files, allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, such as opening a specially crafted malicious file or visiting a...
[SECURITY] Fedora 42 Update: node-exporter-1.10.2-3.fc42
Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors...