CVE-2026-20690

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciousl...

CVE-2026-20690

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciousl...

EUVD-2026-15160

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may...

CVE-2026-28857

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-28857

CVE-2026-28857: The issue is a memory handling vulnerability in WebKit components that can cause an unexpected process crash when processing malicious web content. It has been fixed in Apple platforms: Safari 26.4, iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, and visionOS 26.4. The vulnerability affe...

CVE-2026-28857

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash...

SUSE CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

SUSE CVE-2026-27969

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location e.g. an S3 bucket can manipulate backup manifest files so that files in the manifest - which may be files that they have also...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from attempting to cancel an initialization process when the firmware log is not initialized. This cou...

CVE-2026-26830

pdf-image npm package through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format to interpolate user-controlled file paths into shell command strings that are executed via childprocess.e...

Codra Panorama Suite 安全漏洞

Codra Panorama Suite is an industrial process monitoring software platform developed by the French company Codra. There is a security vulnerability in Codra Panorama Suite, which allows attackers to potentially read files on the Web HMI server...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to cause a sandboxed process to bypass sandboxing restrictions...

PT-2026-27802

Name of the Vulnerable Software and Affected Versions thumbler versions prior to 1.1.3 Description The software contains a flaw that allows for the injection of operating system commands. This occurs through the input, output, time, or size parameters within the thumbnail function. The issue aris...

CVE-2026-26832

node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to childprocess.exec...

CVE-2026-26831

textract through 2.5.0 is vulnerable to OS Command Injection via the file path parameter in multiple extractors. When processing files with malicious filenames, the filePath is passed directly to childprocess.exec in lib/extractors/doc.js, rtf.js, dxf.js, images.js, and lib/util.js with inadequat...

ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Assertion Failure (cve-2026-3104)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3104 advisory. - A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.If a BIND...

PT-2026-35857

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue exists in the GPU component. This occurs when a program continues to use a pointer after it has been freed, which can lead to heap corruption. A remote attacker...

PT-2026-27988

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 7.11 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An issue existed in GitLab CE/EE where an unauthenticated user could bypass WebAuthn two-factor...

Incorrect Authorization

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Incorrect Authorization via the Management API restore process. An attacker can modify or...

CVE-2026-1995

IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...