GHSA-WX45-VX6H-76CQ vulnerabilities

Vulnerabilities for packages: openjdk-21-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-17-openj9, openjdk-8-openj9...

GHSA-G75F-42VW-M3XV vulnerabilities

Vulnerabilities for packages: openjdk-21-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-25-openj9, openjdk-17-openj9, openjdk-8-openj9...

May 26, 2026—KB5089573 (OS Builds 26200.8524 and 26100.8524) Preview

May 26, 2026—KB5089573 OS Builds 26200.8524 and 26100.8524 Preview ​​​​This cumulative update for Windows 11, version 25H2 and 24H2 KB5089573, includes production-quality improvements. Visit the Windows release health dashboard for the latest status on this release. Announcements and messages Thi...

CVE-2026-34640

Media Encoder CVE-2026-34640 affects versions 26.0.2, 25.6.4 and earlier with an Integer Overflow or Wraparound (CWE-190). The issue could allow arbitrary code execution in the context of the current user and requires user interaction (victim must open a malicious file). These details confirm the...

EUVD-2026-22650

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

April 14, 2026—KB5083769 (OS Builds 26200.8246 and 26100.8246)

April 14, 2026—KB5083769 OS Builds 26200.8246 and 26100.8246 This cumulative update for Windows 11, version 25H2 and 24H2 KB5083769, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences...

CVE-2026-35186

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally i...

CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal

LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...

CVE-2026-21351

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21329

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21323

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21329

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21329

CVE-2026-21329 affects After Effects versions 25.6 and earlier. It is a Use After Free vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim must open a malicious file. No additional details on...

CVE-2026-21350

After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CVE-2026-21320

Adobe After Effects up to version 25.6 is affected by a Use-After-Free vulnerability that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a crafted malicious file. CVSS: 3.1, base score 7.8 (HIGH), with LOCAL atta...

CVE-2026-21313 Audition | Out-of-bounds Read (CWE-125)

Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must...

PT-2026-7380

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-9432

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X...

CVE-2024-9432 Cleartext Storage of Sensitive Information vulnerability has been discovered in OpenText™ Vertica.

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X...