CVE-2026-8795

A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...

EUVD-2026-35270

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

CVE-2026-30141

The CVE-2026-30141 entry concerns bitbank2 AnimatedGIF v2.2.0, where a vulnerability in DecodeLZW constitutes a buffer overflow. This allows remote attackers to cause a crash (DoS) or potentially execute arbitrary code via a crafted GIF file. The available documents specify the affected product a...

PT-2026-47958

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

Adobe Reader < 26.001.21662 Multiple Vulnerabilities (APSB26-63)

The version of Adobe Reader installed on the remote Windows host is a version prior to 26.001.21662. It is, therefore, affected by multiple vulnerabilities. - Stack-based Buffer Overflow CWE-121 potentially leading to Arbitrary code execution CVE-2026-47959 - Out-of-bounds Write CWE-787 potential...

Adobe InCopy < 20.5.4 / 21.0 < 21.4.0 Multiple Vulnerabilities Arbitrary code execution (APSB26-59)

The version of Adobe InCopy installed on the remote host is prior to 20.5.4, 21.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-59 advisory. - Stack-based Buffer Overflow CWE-121 potentially leading to Arbitrary code execution CVE-2026-34708 - Out-of-bounds...

PT-2026-48140

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

APSB26-65 : Security update available for Adobe Format Plugins

Adobe has released an update for Adobe Format Plugins. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

APSB26-59 : Security update available for Adobe InCopy

Adobe has released a security update for Adobe InCopy. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

APSB26-64 : Security update available for Adobe ColdFusion

Adobe has released security updates for ColdFusion versions 2025 and 2023. These updates resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass...

RHEL 10 : libyang (RHSA-2026:24758)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24758 advisory. Libyang is YANG data modeling language parser and toolkit written and providing API in C. Security Fixes: libyang: libyang: Denial of Service or...

PT-2026-48146

InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-36722

CVE-2026-36722 is an authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3. The issue allows an attacker with valid credentials to upload a crafted file and potentially execute arbitrary code. All documented sources describe the same vulnerabili...

PT-2026-48247

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the Multimedia Rendition component, which could lead to arbitrary code execution in the context of the current user. This occurs when a user...

Adobe Acrobat < 24.001.30383 / 26.001.21662 Multiple Vulnerabilities (APSB26-63)

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 24.001.30383 or 26.001.21662. It is, therefore, affected by multiple vulnerabilities. - Stack-based Buffer Overflow CWE-121 potentially leading to Arbitrary code execution CVE-2026-47959 - Out-of-bounds Write...

Adobe InDesign < 20.5.4 / 21.0 < 21.4.0 Multiple Vulnerabilities (APSB26-58) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 20.5.4, 21.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-58 advisory. - InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability th...

PT-2026-48217

Name of the Vulnerable Software and Affected Versions SQLite versions prior to 3.53.2 Description Memory corruption issues exist in the FTS5 full-text search extension. An attacker can cause process crashes, memory exhaustion, or arbitrary code execution by providing a crafted database containing...

ROS-20260609-73-0007

The vulnerability of the ngxhttprewritemodule module in NGINX Plus and NGINX Open Source web servers is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack by sending a specially crafte...

APSB26-66 : Security update available for Adobe Campaign Classic

Adobe has released security updates for Adobe Campaign Classic. This update addresses critical vulnerabilities that could result in arbitrary code execution...

AlmaLinux 8 : libyang (ALSA-2026:24545)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:24545 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...