CVE-2026-11183

An out of bounds read flaw was found in the GWP-ASan component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502768780...

SUSE CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

DEBIAN-CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2026-11183

CVE-2026-11183 describes an out-of-bounds read in GWP-ASan used by Google Chrome, allowing a local attacker to read potentially sensitive data from a process’s memory via a malicious file. Affected software: Google Chrome (GWP-ASan component). Impact: potential exposure of sensitive information; ...

CVE-2026-11183

Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

dnsmasq_2.92_pocs

dnsmasq 2.92 — Proof of Concepts Self-contained reproduction...

GHSA-XPHW-CQX3-667J thin-vec: Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics

Summary A Double Free / Use-After-Free UAF vulnerability has been identified in the IntoIter::drop and ThinVec::clear implementations of the thinvec crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code — no unsafe blocks required...

CVE-2026-33020

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixelframeconverttorgb888 in frame.c, where allocation size and pointer offset computations for palettised images PAL1, PAL...

UBUNTU-CVE-2026-33020

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixelframeconverttorgb888 in frame.c, where allocation size and pointer offset computations for palettised images PAL1, PAL...

PT-2026-29399

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

CVE-2026-21888

CVE-2026-21888 affects NanoMQ (MQTT v5) where get_var_integer() in the Variable Byte Integer parser accepts 5-byte varints without bounds checks, causing an out-of-bounds read and potential crash when built with ASan. Impact is described as high severity (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N...

curl: CVE-2026-3805: use after free in SMB connection reuse

Summary A heap-use-after-free occurs in smbsendopen at lib/smb.c when curl processes two SMB URLs targeting the same host. The function smbparseurlpath sets req-path as a non-owning pointer into smbc-share connection-owned memory. During connection reuse, the needle connection is freed via...

Linux Distros Unpatched Vulnerability : CVE-2025-66869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow vulnerability in function strcat in asaninterceptors.cpp in libming 0.4.8. CVE-2025-66869 Note that Nessus relies on the presence of the package...

CVE-2025-66869

Buffer overflow vulnerability in function strcat in asaninterceptors.cpp in libming 0.4.8...

CVE-2025-66869

Buffer overflow vulnerability in function strcat in asaninterceptors.cpp in libming 0.4.8...

CVE-2025-66869

Buffer overflow vulnerability in function strcat in asaninterceptors.cpp in libming 0.4.8...