RHEL 10 : python-wheel (RHSA-2026:2865)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2865 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

Debian dsa-6139 : gimp - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6139 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6139-1 [email protected]...

PT-2026-20488

Name of the Vulnerable Software and Affected Versions Autodesk AutoCAD affected versions not specified Description A specially designed CATPART file can trigger an Out-of-Bounds Write issue when processed by specific Autodesk products. Successful exploitation could lead to a program crash, data...

RHEL 9 : python3.12-wheel (RHSA-2026:2866)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2866 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Fedora 42 : gnupg2 (2026-59fdfa64f5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-59fdfa64f5 advisory. Fix CVE-2026-24882: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution Tenable has extracted the preceding description block directly...

OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2292 OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability February 18, 2026 CVE Number CVE-2025-61982 SUMMARY An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A...

CVE-2026-23599 Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux

A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges...

[SECURITY] [DSA 6138-1] libpng1.6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6138-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 17, 2026 https://www.debian.org/security/faq -...

Incomplete Fix for CVE-2025-10279: get_or_create_nfs_tmp_dir() Still Creates World-Writable (0o777) Directories Enabling Local Code Execution

Description Description CVE-2025-10279 huntr bounty 01d3b81e identified that MLflow's getorcreatetmpdir created temporary directories with world-writable permissions 0o777, enabling local attackers to tamper with model artifacts and achieve arbitrary code execution. The fix PR 17544, commit...

CVE-2026-1334

An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file...

CVE-2026-1335

An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file...

CVE-2026-2630

A Command Injection vulnerability exists where an authenticated, remote attacker could execute arbitrary code on the underlying server where Tenable Security Center is hosted...

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...

freerdp: FreeRDP: Arbitrary code execution and denial of service via malicious server

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a use-after-free vulnerability by enticing a client to connect to it. This can lead to a client-side crash, resulting in a Denial of Service DoS, and potentially allow for arbitrary...

freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...

freerdp: FreeRDP: Denial of Service and potential code execution via use-after-free vulnerability

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit this vulnerability when a client connects to it. Specifically, offscreen bitmap deletion can lead to a use-after-free UAF condition, where the client attempts to use memory that has...

CVE-2026-1046

Mattermost Desktop App versions =6.0 6.2.0 5.2.13.0 fail to validate help links which allows a malicious Mattermost server to execute arbitrary executables on a user’s system via the user clicking on certain items in the Help menu Mattermost Advisory ID: MMSA-2026-00577...

USN-8047-1 pillow vulnerability

Yarden Porat discovered that Pillow incorrectly handled certain malformed PSD images. An attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code...

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-65715

An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...