CVE-2026-34683 Substance3D - Designer | Out-of-bounds Write (CWE-787)

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34683

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

vulnerabilities handled in Microsoft Developer Tools

Microsoft has addressed vulnerabilities in various Developer Tools. A malicious individual could exploit these vulnerabilities to carry out attacks that can cause the following types of damage: - Denial-of-Service DoS attacks - Bypass of security measures - Execution of arbitrary code user rights...

CVE-2026-34687

CVE-2026-34687 affects Adobe Illustrator versions 29.8.6, 30.3 and earlier. It is a heap-based buffer overflow vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The connected d...

CVE-2026-34676

Affected product : Substance3D Painter; versions 12.0.2 and earlier. Vulnerability : out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Impact : arbitrary code execution if exploited. Conditions : exploitation requires user interaction; a v...

CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34643 After Effects | Out-of-bounds Write (CWE-787)

After Effects versions 26.0, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34640 Media Encoder | Integer Overflow or Wraparound (CWE-190)

Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34639 Media Encoder | Out-of-bounds Write (CWE-787)

Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34639 Media Encoder | Out-of-bounds Write (CWE-787)

Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34637 Premiere Pro | Out-of-bounds Write (CWE-787)

Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34638

Premiere Pro is affected by a Use-After-Free vulnerability (CWE-416) in versions 26.0.2, 25.6.4 and earlier. The issue could lead to arbitrary code execution in the user’s context. Exploitation requires user interaction to open a malicious file. The connected records identify the affected version...

CVE-2026-34636

Premiere Pro is affected by an out-of-bounds write (CWE-787) in versions 26.0.2, 25.6.4 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The CVSS metrics indicate a high-severity, local ...

CVE-2026-42045

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/features/Portal/Artifacts/Body/Renderer/index.tsx, if no type match is found, it will choose to call the...

CVE-2026-31224

The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability CWE-502 in the MultitaskClassifier.load method of the MultitaskClassifier class. The method loads model weight files using torch.load without enabling the security-restrictive weightsonly=True parameter. This...

CVE-2026-31217

The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from...

CVE-2026-31219

The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 is vulnerable to insecure deserialization CWE-502. When a user provides a single model file path e.g., .pt or .pth via the --model command-line argumen...

Arbitrary Code Injection

Overview protobufjs-cli is a Translates between file formats and generates static code as well as TypeScript definitions. Affected versions of this package are vulnerable to Arbitrary Code Injection via the pbjs static code generation. An attacker can execute arbitrary code by providing crafted...

Arbitrary Code Injection

Overview protobufjs is a protocol buffer for JavaScript & TypeScript. Affected versions of this package are vulnerable to Arbitrary Code Injection via the pbjs static code generation. An attacker can execute arbitrary code by providing crafted schema names that are incorporated into generated...