CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

Chromium: CVE-2026-11656 Use after free in ServiceWorker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-1767 Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leading to denial of service or information disclosure via malformed mp3 id3 tags

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

EUVD-2026-37028

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

CVE-2026-1767

CVE-2026-1767 affects GNOME localsearch’s MP3 Extractor (tracker-extract-mp3). The issue is a heap buffer overflow when parsing MP3 ID3 tags, caused by incorrect length calculations for performer tags, leading to potential DoS from a crash or information disclosure. Connected advisories reference...

CVE-2026-1766 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

CVE-2026-1766

CVE-2026-1766 concerns GNOME localsearch (tracker-extract-mp3) and its MP3 Extractor, where a heap buffer overflow occurs while parsing MP3 files with malformed ID3v2.3 COMM tags. Exploitation can cause DoS (crash) and may disclose heap data. Public advisories and patches exist across multiple ve...

CVE-2026-1765 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

CVE-2026-1765

CVE-2026-1765 concerns GNOME localsearch’s tracker-miners: the tracker-extract-mp3 component is vulnerable to a heap buffer overflow when processing crafted MP3 files, potentially causing Denial of Service (crash) and, in some cases, information disclosure from memory. The issue is confirmed acro...

EUVD-2026-37026

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

EUVD-2026-37011

Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege and/or denial of service. HP is releasing software updates to mitigate these potential vulnerabilities...

CVE-2026-1764 Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leads to denial of service or information disclosure when parsing mp3 files

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

CVE-2026-1764

The CVE-2026-1764 to CVE-2026-1767 family affects GNOME localsearch (tracker-miners) MP3 extraction. Root cause: a missing bounds check in extract_performers_tags when parsing MP3 files (ID3v2.x), enabling a heap buffer overflow. Impact: Denial of Service (remote or local depending on context) vi...

Malicious code in epm-service-module-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7b0de1b676618a68f5707692c33cef713882df9ef3ecdb5c73391837669af7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5851 Malicious code in epm-service-module-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7b0de1b676618a68f5707692c33cef713882df9ef3ecdb5c73391837669af7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2026-49943

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: End User Self Service. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Identity...

PT-2026-50008

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 Oracle Enterprise Command Center Framework versions V16 Description An issue in the Core component of the Oracle Enterprise Command Center Framework allows a low privileged attacker with...

PT-2026-50004

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 Oracle Enterprise Command Center Framework versions V16 Description An issue in the Core component of the Oracle Enterprise Command Center Framework allows a low privileged attacker with...