MGASA-2026-0162 Updated graphicsmagick packages fix a security vulnerability

The updated packages fix a security vulnerability: Stack buffer overflow in XTileImage. CVE-2026-42050...

OSV-2026-824 Stack-buffer-overflow in coolkey_rsa_op

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517058311 Crash type: Stack-buffer-overflow READ Crash state: coolkeyrsaop coolkeycomputecrypt sccomputesignature...

Free MP3 CD Ripper 安全漏洞

Free MP3 CD Ripper is an audio format converter. Version 2.8 of Free MP3 CD Ripper has a security vulnerability. This vulnerability stems from a stack buffer overflow issue during WMA file processing. It could allow local attackers to bypass the DEP protection by manipulating structured exception...

PT-2026-47227

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517058311 Crash type: Stack-buffer-overflow READ Crash state: coolkey rsa op coolkey compute crypt sc compute signature...

Shibby Tomato 安全漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28 of Shibby Tomato contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the sub90F0 function of the multimon.cgi file, which could lead to remote attacks...

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the file/goform/formSetPortTr, which could allow a remote attacker to execute an...

CVE-2026-9038

CVE-2026-9038 describes a stack-based buffer overflow in the charging controller’s signal-processing logic (XCharge C6). The vulnerability allows a physically proximate attacker to send oversized message fields, leading to memory corruption and potential execution of unauthorized code with elevat...

CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

CryptX 安全漏洞

CryptX is a open-source cryptographic toolkit developed by DCIT, based on various encryption algorithms. Versions of CryptX prior to 0.088001 contained security vulnerabilities. These vulnerabilities stemmed from stack buffer overflows in four AEAD decryption validation functions, which could all...

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

UTT HiPER 1200GW 安全漏洞

UTT HiPER 1200GW is a wireless gateway device developed by UTT Corporation. Versions of UTT HiPER 1200GW prior to 2.5.3-170306 contained security vulnerabilities. These vulnerabilities were caused by unknown functions in the Web Management Interface component/goform/formPptpClientConfig file, whi...

USN-8300-1: ngtcp2 vulnerability

Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog was enabled, a remote attacker could possibly use this issue to execute arbitrary code...

Edimax EW-7438RPn 安全漏洞

Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the parameter submit-url operation of the function formWpsProxyEnable in the file /goform/formWpsProxyEnable, and may resul...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from the Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the operation of the function formSDHCP in the file /goform/formSDHCP on the parameter...

Tenda F1202 安全漏洞

The Tenda F1202 is a dual-band Wi-Fi router with fifth-generation technology from Tenda, China. A security vulnerability exists in the Tenda F1202 version 1.2.0.20408, which originates from the operation of the function fromPptpUserAdd in the file /goform/PptpUserAdd on the parameter opttype, whi...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the parameter submit-url operation of the function formLicence in the file /goform/formLicence, and...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the parameter submit-url operation of the function formAccept in the file /goform/formAccept, and m...

Edimax EW-7438RPn 安全漏洞

Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the operation of the function formStats in the file /goform/formStats on the parameter submit-url, and could lead t...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the manipulation of the parameter of the function formWlanMP in the file /goform/formWlanMP, and ma...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Versions of Edimax EW-7438RPn prior to 1.31 contained a security vulnerability. This vulnerability stemmed from unknown functions in the webs component files and/goform/formWpsStart, which operated on...