CVE-2026-33983

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...

CVE-2026-26073

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/std::deque corruption. The trigger is powermeter public key update and EV session/error events while OCPP not started. This results in a TSAN data race report and an ASAN/UBSAN...

CVE-2026-26073 EVerest: OCPP 1.6 heap corruption caused by lock-free insertion in event_queue

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/std::deque corruption. The trigger is powermeter public key update and EV session/error events while OCPP not started. This results in a TSAN data race report and an ASAN/UBSAN...

firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...

firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...

FreeBSD : Mozilla -- Multiple vulnerabilities (26c24872-2943-11f1-8461-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 26c24872-2943-11f1-8461-b42e991fc52e advisory. CVE-2026-4729: Memory safety bugs CVE-2026-4728: Spoofing issue in the Privacy: Anti-Tracking...

EVerest 竞争条件问题漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2026.02.0 contained a race condition vulnerability. This vulnerability stemmed from undefined C++ behavior due to data races, which could lead to memory corruption...

CVE-2026-4718

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...

CVE-2026-4705

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...

EUVD-2026-15378

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...

SUSE CVE-2026-4724

Undefined behavior in the Audio/Video component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4724

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the Audio/Video component...

CVE-2026-23386

CVE-2026-23386 concerns the Linux kernel gve driver in QPL mode, where gve_tx_clean_pending_packets() could misinterpret the dma_addr_t array as buffer IDs, causing out-of-bounds/unmap errors. The root cause was an improper buffer cleanup path in gve_tx_clean_pending_packets() that could referenc...

CVE-2026-23383 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...

EUVD-2026-14863

Undefined behavior in the Audio/Video component. This vulnerability affects Firefox 149...

EUVD-2026-14825

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

EUVD-2026-14851

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

CVE-2026-4724

Undefined behavior in the Audio/Video component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4718

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4705

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...