CVE-2026-48566

CVE-2026-48566 is an information-disclosure vulnerability in the Windows DWM Core Library characterized by an out-of-bounds read. It can be exploited by an authorized attacker with local access to disclose information on the system. The CVSS 3.1 vector indicates Local attack, Low complexity, Priv...

Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the NewNTUnicodeString function. An attacker can cause a truncated string rather than an error to be returned by convincing a user to access a filename of excessive length. Remediation Upgrade...

[SECURITY] Fedora 44 Update: mingw-libpng-1.6.56-1.fc44

MinGW Windows Libpng library...

[SECURITY] Fedora 43 Update: mingw-LibRaw-0.21.5-3.fc43

MinGW Windows LibRaw library...

[SECURITY] Fedora 43 Update: mingw-libpng-1.6.56-1.fc43

MinGW Windows Libpng library...

[SECURITY] Fedora 44 Update: mingw-freetype-2.14.2-1.fc44

MinGW Windows Freetype library...

[SECURITY] Fedora 43 Update: mingw-libpng-1.6.55-1.fc43

MinGW Windows Libpng library...

[SECURITY] Fedora 43 Update: mingw-glib2-2.86.3-3.fc43

MinGW Windows Glib2 library...

[SECURITY] Fedora 42 Update: mingw-glib2-2.84.4-2.fc42

MinGW Windows Glib2 library...

Important: Red Hat Security Advisory: mingw-libpng security update

An update for mingw-libpng is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

[SECURITY] Fedora 42 Update: mingw-libpng-1.6.53-1.fc42

MinGW Windows Libpng library...

[SECURITY] Fedora 43 Update: mingw-libpng-1.6.53-1.fc43

MinGW Windows Libpng library...

CVE-2025-64680

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

Post-exploitation framework now also delivered via npm

Incident description The first version of the AdaptixC2 post-exploitation framework, which can be considered an alternative to the well-known Cobalt Strike, was made publicly available in early 2025. In spring of 2025, the framework was first observed being used for malicious means. In October...

[SECURITY] Fedora 42 Update: mingw-exiv2-0.28.7-1.fc42

MinGW Windows exiv2 library...

[SECURITY] Fedora 42 Update: mingw-poppler-24.08.0-6.fc42

MinGW Windows Poppler library...

EUVD-2024-23448

Malicious code in bioql PyPI...

CVE-2025-50153

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally...

CVE-2025-47962

Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally...