KLA90935 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in Web Speech can be exploited to...

openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20348-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20348-1 advisory. Changes in python-PyPDF2: - CVE-2026-28804: Denial of Service via crafted PDF with ASCIIHexDecode filter bsc1259404 - Update sources with osc run...

Linux Distros Unpatched Vulnerability : CVE-2026-31826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory...

abstra (>=1.8.8 <=2.5.1), clay (>=3.0.0 <=4.0.0) +19 more potentially affected by CVE-2026-28356 via multipart (>=0.2.4 <=1.2.1)

multipart PYPI version =0.2.4, =1.8.8, =3.0.0, =4.5.0b3, =0.3.11, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =0.1.0, =1.0.0, =0.1.3, =1.1.44 and more Source cves: CVE-2026-28356 Source advisory: OSV:GHSA-P2M9-WCP5-6QW3...

Arbitrary Code Injection

md-to-pdf is vulnerable to Arbitrary Code Injection. The vulnerability is due to a Markdown front-matter block that contains JavaScript delimiter, where the JS engine in gray-matter library executes arbitrary code in the Markdown to PDF converter process of md-to-pdf library, and attackers can...

SUSE CVE-2026-3932

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-3939

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. Chromium security severity: Low...

CLSA-2026-1773308416 cups-filters: Fix of 2 CVEs

CVE-2025-64503: fix out-of-bounds write in pdftoraster filter caused by integer overflow when processing PDFs with large MediaBox values - CVE-2025-57812: fix out-of-bounds read/write in imagetoraster TIFF processing caused by incorrect buffer size calculation in cupsImageLut...

EUVD-2026-11468

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. Chromium security severity: Low...

EUVD-2026-11456

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-3939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF fil...

DEBIAN-CVE-2026-3939

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. Chromium security severity: Low...

CVE-2026-3939

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. Chromium security severity: Low...

DEBIAN-CVE-2026-3932

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-3932

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-3939

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. Chromium security severity: Low...

CVE-2026-3939

Google Chrome/Chromium is affected by CVE-2026-3939 due to insufficient policy enforcement in PDF handling, allowing a crafted PDF to bypass navigation restrictions. Affected component: PDF policy enforcement in Chrome/Chromium prior to version 146.0.7680.71 (specific fixed versions cited by Debi...

CVE-2026-3939

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. Chromium security severity: Low...

CVE-2026-3932

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-3932

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...