PT-2026-48240

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Microsoft Azure Stack Edge 安全漏洞

Microsoft Azure Stack Edge is a Azure-hosted device by Microsoft that integrates Azure computing, storage, and intelligent features at the edge. There are security vulnerabilities present in Microsoft Azure Stack Edge. Attackers can exploit these vulnerabilities to execute code remotely...

Linux Distros Unpatched Vulnerability : CVE-2026-11694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2026-11651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Veeam Backup and Replication < 12.3.2.4854 (kb4869)

The version of Veeam Backup and Replication installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4869 advisory. - A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user...

Linux Distros Unpatched Vulnerability : CVE-2026-11683

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML pag...

Ivanti Sentry 操作系统命令注入漏洞

Ivanti Sentry is an online gateway provided by the American company Ivanti. It is used to manage, encrypt, and protect traffic between mobile devices and backend enterprise systems. Versions of Ivanti Sentry prior to R10.5.2, R10.6.2, and R10.7.1 contained an operating system command injection...

PT-2026-47907

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description An integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. Integer underflow occurs when an arithmetic...

Linux Distros Unpatched Vulnerability : CVE-2026-11688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

PT-2026-47915

Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A heap-based buffer overflow allows an unauthorized attacker to execute arbitrary code over a network, which can affect the system. A heap-based buffer overflow occurs when an...

PT-2026-47902

Name of the Vulnerable Software and Affected Versions Windows Performance Monitor affected versions not specified Description An integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. This condition can lead to remote co...

KB5094041: Windows Server 2012 R2 Security Update (June 2026)

The remote Windows host is missing security update 5094041. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...

Linux Distros Unpatched Vulnerability : CVE-2026-11645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2026-11662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute...

FreeBSD : strongSwan -- Double-free when destroying certain cloned identities that can lead to remote code execution (a207a367-6359-11f1-8c57-000af7b98cf6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a207a367-6359-11f1-8c57-000af7b98cf6 advisory. R. Elliott Childre reports: The clone method of the identificationt class doesn't correctly handle...

PT-2026-48235

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...