EUVD-2026-17697

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

CVE-2026-34535 iccDEV: SEGV in CIccTagArray::Cleanup()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

CVE-2026-34535 iccDEV: SEGV in CIccTagArray::Cleanup()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

PT-2026-29384

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities. These vulnerabilities stemmed from unaligned member access during the processing of custom ICC configuration files,...

Amazon Linux 2023 : libde265, libde265-devel (ALAS2023-2026-1477)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1477 advisory. strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decodercontext::computeframedroptable. CVE-2025-61147 Tenable has extracted the preceding description...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1487)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1487 advisory. In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs CVE-2025-71225 In the Linux kernel, the following vulnerability has bee...

OpenCC has an Out-of-bounds read when processing truncated UTF-8 input

Summary OpenCC versions before 1.2.0 contain two CWE-125: Out-of-bounds Read issues caused by length validation failures in UTF-8 processing. When handling malformed or truncated UTF-8 input, OpenCC trusted derived length values without enforcing the invariant that processed length must not excee...

CVE-2026-32973

OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard matching across path segments to execute commands or...

Medium: libde265

Issue Overview: strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decodercontext::computeframedroptable. CVE-2025-61147 Affected Packages: libde265 Issue Correction: Run dnf update libde265 --releasever 2023.10.20260325 or dnf update --advisory...

CVE-2026-31794

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from invalid/wild pointer read in CIccCLUT::Interp3d causing a denial of service. This vulnerability is fixed in 2.3.1.5...

Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

Akamai Leads the Way: 2026 GigaOm Radar for Microsegmentation

Akamai Guardicore Segmentation, a Leader and Fast Mover in the 2026 GigaOm Radar for Microsegmentation report, balances innovation with platform strength...

CVE-2026-23343

CVE-2026-23343 involves the Linux kernel XDP tailroom calculation. Docked fixes describe that many ethernet drivers expose rx queue frag size, while xdp_frags_increase_tail() expects a truesize, causing unsigned tailroom to drift toward UINT_MAX and potentially grow tail space, leading to memory ...

mod_gnutls 安全漏洞

modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions of modgnutls prior to 0.12.3 and 0.13.0 have security vulnerabilities. These vulnerabilities stem from the fact that client certificate verification does not check the length of the certificate chain, which may lead to...

EUVD-2026-13834

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

CVE-2026-21732

CVE-2026-21732 affects the GPU shader compiler path used by Imagination Graphics DDK in various disclosures. The issue is described as an out-of-bounds write crash triggered by unusual GPU shader code, specifically when a web page contains shader input that is loaded into the GPU compiler process...

CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

ALPINE-CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...