CVE-2026-31780

A flaw was found in the Linux kernel's wilc1000 Wi-Fi driver. An integer overflow vulnerability exists in the calculation of the SSID scan buffer size. This can lead to a heap buffer overflow when processing multiple Service Set Identifiers SSIDs, potentially allowing a local attacker to cause a...

GHSA-RCH3-82JR-F9W9 vulnerabilities

Vulnerabilities for packages: jupyter-base-notebook, tensorflow-cpu-jupyter...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the TShape process in the VRML parser when coordIndex values from parsed input are used as direct array indices without validation against the size of the coordinate array during geometry processing. An attack...

CVE-2026-23866

Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggerin...

CVE-2026-23866

Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggerin...

EUVD-2026-26666

Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggerin...

CVE-2026-23866

Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggerin...

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

EUVD-2026-26663

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-22167

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

EUVD-2026-26524

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi-nrpages in f2fswriteendio The xfstests case "generic/107" and syzbot have both reported a NULL pointer dereference. The concurrent scenario that triggers the panic is as follows:...

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...

Chromium: CVE-2026-7333 Use after free in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

OSV-2026-659 Heap-buffer-overflow in ___interceptor_strncpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=507904196 Crash type: Heap-buffer-overflow WRITE Crash state: interceptorstrncpy concathashstring ndpisearchsshtcp...

Facebook WhatsApp 安全漏洞

Facebook WhatsApp is a suite of Android-based mobile applications from Facebook, Inc. in the United States that utilize the Internet to deliver text messages. The application uses the contact information in a smartphone to find contacts using the software to send texts, pictures, and more. A...

Cisco Firepower Threat Defense (FTD) Software TLS with Snort 3 Detection Engine DoS (cisco-sa-ftd-tcp-dos-rHfqnwRg)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the TLS processing feature of the Snort 3 detection engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote...

PT-2026-36500

Name of the Vulnerable Software and Affected Versions WhatsApp for iOS versions 2.25.8.0 through 2.26.15.72 WhatsApp for Android versions 2.25.8.0 through 2.26.7.10 Description Incomplete validation of AI rich response messages for Instagram Reels allows a user to trigger the processing of media...