CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

107 matches found

Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

7.5CVSS5.8AI score0.00024EPSS

Exploits1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в c-ares

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and, if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files contains a NULL...

5.5CVSS6.6AI score0.00055EPSS

Exploits0References2

EUVD•added 2026/03/31 3:31 p.m.•1 views

EUVD-2026-17412

An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...

6.1AI score0.0002EPSS

Exploits0References4

CNNVD•added 2026/03/31 12:0 a.m.•5 views

artifex mupdf 安全漏洞

Artifex MuPDF is a rich-text editor developed by individual developers. Unlike standard text editors, programmers can download free rich-text editors and embed them on their own websites or programs of course, paid versions offer more powerful features. This makes it convenient for users to edit...

7.8CVSS6.4AI score0.0002EPSS

Exploits0References3

Cvelist•added 2026/02/06 4:11 p.m.•25 views

CVE-2026-25556 MuPDF 1.23.0 through 1.27.0 Barcode Decoding Double Free

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fzfillpixmapfromdisplaylist when an exception occurs during display list rendering. The function accepts a caller-owned fzpixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

5.9CVSS0.00024EPSS

Exploits1References4

Positive Technologies•added 2026/02/06 12:0 a.m.•4 views

PT-2026-6683

Name of the Vulnerable Software and Affected Versions micropython versions prior to 1.27.0 Description A flaw exists in micropython up to version 1.27.0. This issue is related to memory corruption caused by manipulation of the mp import all function within the py/runtime.c file. The attack requir...

4.8CVSS5.1AI score0.0001EPSS

Exploits1References15

OSV•added 2026/02/02 11:16 p.m.•0 views

UBUNTU-CVE-2025-6593

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

2.1CVSS5.8AI score0.00019EPSS

Exploits0References6

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-6730

Name of the Vulnerable Software and Affected Versions MuPDF versions 1.23.0 through 1.27.0 Description MuPDF versions 1.23.0 through 1.27.0 have a double-free issue in the fz fill pixmap from display list function during display list rendering. This occurs when an exception happens, causing the...

5.9CVSS5.5AI score0.00024EPSS

Exploits1References16

CVE•added 2025/12/26 11:46 p.m.•7 views

CVE-2025-68148

The CVE-2025-68148 issue affects FreshRSS versions 1.27.0 through before 1.28.0. An attacker could globally deny access to feeds by manipulating proxy settings to generate a flood of 429 Retry-After responses, effectively making the instance unusable for most users. The vulnerability is addressed...

7.5CVSS6.4AI score0.0002EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2025/11/20 9:37 p.m.•4 views

CVE-2025-65089

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...

6.8CVSS6.8AI score0.00017EPSS

Exploits0References1

CVE•added 2025/11/19 5:41 p.m.•7 views

CVE-2025-65089

CVE-2025-65089 affects XWiki Remote Macros. Prior to version 1.27.0, a user with no view rights on a page could see the content of an office attachment rendered via the view file macro. This is a data leak due to mis-authorization in the macro rendering path. The issue has been patched in version...

6.8CVSS6.4AI score0.00017EPSS

Exploits0References1Affected Software1