CVE-2026-8587

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

EUVD-2026-30407

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume th...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

MAL-2026-3761 Malicious code in ethers-signing-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6735be7311be4f6b4f609762cfb77504fe141bc9d8d5b5c0a75d521119aa2fa The package's npm postinstall hook executes a one-liner that uses childprocess.exec to curl/wget an unpinned Python script from a personal user's...

MAL-2026-3750 Malicious code in bigint.fs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb3e0cb5c95475ce69c3672be6acfb9283bc6e29a1d7ba7452c922e7dc96a966 On require/import, index.js runs an IIFE that POSTs a getAccountInfo RPC call to https://api.devnet.solana.com for Solana account...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the StandardEvaluationContext method. An attacker can execute arbitrary code and exfiltrate credentials by supplying crafted Spring Expression Language SpEL expressions as an authenticated user with...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the StandardEvaluationContext method. An attacker can execute arbitrary code and exfiltrate credentials by supplying crafted Spring Expression Language SpEL expressions as an authenticated user with...

EUVD-2026-30359

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, he tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decodeURIComponent before assigning to messageElement.innerHTML in app/src/dialog/tooltip.ts:41. The...

CVE-2026-44588

SiYuan (desktop) contains a DOM-based RCE chain stemming from CVE-2026-44588. In versions < 3.7.0, tooltip text is produced by escaping only certain HTML chars with escapeAriaLabel, leaving %XX sequences intact. The aria-label attribute thus stores a URL-escaped payload like %3Cimg...%3E. The ...

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data

A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the refint process. An attacker can execute arbitrary code as the operating system user running the database or execute arbitrary SQL as the database user performing a primary key update by providing...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via integer wraparound in the allocation process. An attacker can execute arbitrary code or cause a segmentation fault by providing specially crafted, large-scale inputs to database functions. Remediation ...

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...