PT-2026-8161

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18 Description The Linux kernel contained a flaw within the ice network driver where a NULL pointer dereference could occur in the ice vsi set napi queues function during resume from suspend. This issue could...

PT-2026-4845

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.6.2 Description A flaw exists in the pypdf library that allows attackers to trigger an infinite loop by creating a PDF file with cyclic outline references. This requires accessing the outlines or bookmarks within the...

Vulnerability fixed in Roundcube Webmail

Roundcube has fixed a vulnerability in Roundcube Webmail. An unauthenticated malicious party can exploit the vulnerability to perform a cross-site scripting attack. The malicious party can thus execute JavaScript code in a user's browser and take over a user's account, for example. To do this, th...

EUVD-2025-205884

A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/api/controller/Ajax.php of the component arcpagelist Handler. Executing manipulation of the argument attstr can lead to deserialization. The attack can be launched remotely. The...

OSV-2025-1049 Heap-buffer-overflow in unsigned char* std::__1::vector<unsigned char, std::__1::allocator<unsigned char

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=472222304 Crash type: Heap-buffer-overflow READ 1 Crash state: unsigned char std::1::vectorunsigned char, std::1::allocatorunsigned char pcpp::TLSECPointFormatExtension::getECPointFormatList...

WordPress WP Enabled SVG plugin <= 0.2 - Author+ Stored XSS via SVG vulnerability

Author+ Stored XSS via SVG vulnerability discovered by Pierre Rudloff in WordPress Plugin WP Enabled SVG versions = 0.2...

Towards Eco Friendly Cybersecurity: Machine Learning Based Anomaly Detection with Carbon and Energy Metrics

The rising energy footprint of artificial intelligence has become a measurable component of US data center emissions, yet cybersecurity research seldom considers its environmental cost. This study introduces an eco aware anomaly detection framework that unifies machine learning based network...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992864)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992864 advisory. In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQDMOVEPCNT...

EUVD-2025-205804

ImageMagick's failure to limit MVG mutual causes Stack Overflow...

Uncontrolled Recursion

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Uncontrolled Recursion

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

GHSA-7RVH-XQP3-PR8J ImageMagick's failure to limit MVG mutual causes Stack Overflow

Summary Magick fails to check for circular references between two MVGs, leading to a stack overflow. Details After reading mvg1 using Magick, the following is displayed: ./magick -limit memory 2GiB -limit map 2GiB -limit disk 0 mvg:L1.mvg out.png AddressSanitizer:DEADLYSIGNAL...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the DrawPrimitive function in the draw.c file. An attacker can cause a stack overflow and application crash by providing MVG files containing circular references. Remediation A fix was pushed into the master...

ImageMagick's failure to limit MVG mutual causes Stack Overflow

Summary Magick fails to check for circular references between two MVGs, leading to a stack overflow. Details After reading mvg1 using Magick, the following is displayed: ./magick -limit memory 2GiB -limit map 2GiB -limit disk 0 mvg:L1.mvg out.png AddressSanitizer:DEADLYSIGNAL...

EUVD-2025-205813

ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack...

GHSA-P27M-HP98-6637 ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack

Summary Using Magick to read a malicious SVG file resulted in a DoS attack. Details bt obtained using gdb: 4 0x0000555555794c9c in ResizeMagickMemory memory=0x7fffee203800, size=391344 at MagickCore/memory.c:1443 5 0x0000555555794e5a in ResizeQuantumMemory memory=0x7fffee203800, count=48918,...

CVE-2025-68950

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...

CVE-2025-68950

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...

UBUNTU-CVE-2025-68950

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...