Adobe Bridge 15.1.3 < 15.1.4 / 16.x < 16.0.2 Multiple Vulnerabilities (APSB26-21)

The version of Adobe Bridge installed on the remote Windows host is prior to 15.1.4 or 16.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-21 advisory. - Integer Overflow or Wraparound CWE-190 potentially leading to Arbitrary code execution CVE-2026-21347 -...

Adobe After Effects < 25.6.4 Multiple Vulnerabilities (APSB26-15)

The version of Adobe After Effects installed on the remote Windows host is prior to 25.6.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-15 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2026-21320, CVE-2026-21323,...

Adobe After Effects 资源管理错误漏洞

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects 25.6 and earlier versions suffer from a Memory Free Aft...

APSB26-19 : Security update available for Adobe Substance 3D Designer

Adobe has released an update for Adobe Substance 3D Designer that addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, application denial-of-service, and memory exposure in the context of the current user...

APSB26-20 : Security update available for Adobe Substance 3D Stager

Adobe has released an update for Adobe Substance 3D Stager. This update addresses critical vulnerabilities in Adobe Substance 3D Stager that could lead to arbitrary code execution...

APSB26-17 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to memory exposure, arbitrary code execution, and application denial-of-service...

APSB26-06 : Security update available for Adobe Lightroom Classic

Adobe has released updates for Adobe Lightroom Classic. This update addresses a critical vulnerability that could lead to arbitrary code execution...

AlmaLinux 9 : python3.12-wheel (ALSA-2026:1939)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1939 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

Adobe After Effects 资源管理错误漏洞

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

Adobe After Effects < 25.6.4 Multiple Vulnerabilities (APSB26-15) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 25.6.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-15 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2026-21320, CVE-2026-21323,...

Adobe Lightroom Classic < 15.1.1 Arbitrary code execution (APSB26-06) (macOS)

The version of Adobe Lightroom Classic installed on the remote macOS host is prior to 15.1.1. It is, therefore, affected by a vulnerability as referenced in the APSB26-06 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-21349 Note that Nessus has no...

Adobe Lightroom Classic < 15.1.1 Arbitrary code execution (APSB26-06)

The version of Adobe Lightroom Classic installed on the remote Windows host is prior to 15.1.1. It is, therefore, affected by a vulnerability as referenced in the APSB26-06 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-21349 Note that Nessus has...

AMD µProf Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-61969| Incorrect permission assignment in AMD µProf performance analysis tool-suite may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in...

AMD Graphics Driver Vulnerabilities – February 2026

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description | CVSS Score ---|---|--- CVE-2024-36324| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.| 8.8 High...

CVE-2026-25894

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is...

CVE-2026-25893

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrative access via the heartbeat refresh API and execute arbitrary code on the server. This issue has...

CVE-2026-25925

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25961 SumatraPDF Update MITM -> Arbitrary Code Execution

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification INTERNETFLAGIGNORECERTCNINVALID and executes installers without signature checks. A network attacker with any valid TLS certificate e.g., Let's Encrypt can...

CVE-2026-25880

SumatraPDF (Windows)