CVE-2026-48112 GHSL-2026-122 7-Zip Ar SYMDEF OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...

CVE-2026-48111 GHSL-2026-121 7-Zip UEFI DEPEX OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parserCPP/7zip/Archive/UefiHandler.cpp. The function validates an attacker-controlled opco...

CVE-2026-48092

7-Zip (versions 9.34–26.00) contains a heap memory disclosure via a SquashFS fragment offset integer overflow on 32-bit builds. A 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset to bypass the fragment bounds check, causing memcpy to read heap m...

EUVD-2026-34837

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

MINI-R66H-26MG-JM67

Bulletin has no description...

ROOT-OS-DEBIAN-13-CVE-2026-23069 CVE-2026-23069 in rootio-linux - Patched by Root

Root has patched CVE-2026-23069 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

CVE-2026-10854

creationtimestamp| type| source ---|---|--- 2026-06-04 14:57:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnhv3u7pcq2x...

UBUNTU-CVE-2026-8829

Unknown description...

ROOT-OS-UBUNTU-2404-CVE-2026-43021 CVE-2026-43021 in rootio-linux - Patched by Root

Root has patched CVE-2026-43021 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2026-43495 CVE-2026-43495 in rootio-linux - Patched by Root

Root has patched CVE-2026-43495 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

DEBIAN-CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

CVE-2026-44654

creationtimestamp| type| source ---|---|--- 2026-06-03 02:46:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mne3rw5xa423...

RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

UBUNTU-CVE-2026-8341

Unknown description...

CVE-2026-0040

creationtimestamp| type| source ---|---|--- 2026-06-01 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities20260602...

CVE-2026-7459

The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated Subscriber+ account takeover in all versions up to, and including, 5.26.0 via the event reaction endpoints reacttoevent / unreacttoevent. The endpoints register getitemspermissionschec...

UBUNTU-CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

CVE-2026-10224

creationtimestamp| type| source ---|---|--- 2026-06-01 07:27:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn7kkqz5bv2t...

CVE-2026-20454

creationtimestamp| type| source ---|---|--- 2026-06-01 07:03:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn7j6mg4aa2j 2026-06-01 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities20260602 2026-06-02 20:00:00+00:00| seen|...