CVE-2026-0539
Summary: CVE-2026-0539 describes a local privilege escalation in the pcvisit Windows service. The issue arises from incorrect default permissions on the pcvisit service binary, allowing a low-privileged local attacker to replace the binary with arbitrary contents. The service binary runs with SYS...
[SECURITY] Fedora 42 Update: python-cbor2-5.6.5-8.fc42
This library provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 7049) serialization format...
[SECURITY] Fedora 43 Update: python-cbor2-5.6.5-8.fc43
This library provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 7049) serialization format...
uutils coreutils security vulnerability
uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. There is a security vulnerability in uutils coreutils. This vulnerability stems from the comm utility, which silently damages data by performing a destructive UTF-8 conversion on all output lines. This...
pcvisit service binary security vulnerability
The pcvisit service binary is a remote support software backend component provided by the German company pcvisit. There is a security vulnerability in the pcvisit service binary. This vulnerability stems from incorrect default permissions, allowing local attackers with low privileges to elevate...
PT-2026-34314
Name of the Vulnerable Software and Affected Versions: binutils (affected versions not specified). Description: A heap-buffer-overflow occurs when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing thi...
PT-2026-34330
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...
PT-2026-34482
The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::from_utf8_lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm,...
angr 9.2.212
angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic ("concolic") analysis, providing tools to solve a variety of tasks...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013789 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex. Apparently the hex passphrase...
CVE-2026-40938
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation...
PT-2026-34037
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows malicious software to impersonate an Apple...
Adobe DNG File Security Scanner
This program is a defensive security tool designed to analyze DNG (Digital Negative) image files and detect potential signs of malicious manipulation or exploit attempts. It performs a low-level inspection of the file structure by parsing the TIFF header and scanning raw binary content for suspicio...
Adding Compilation Metadata to Binaries to Make Disassembly Decidable
The binary executable format is the standard method for distributing and executing software. Yet, it is also as opaque a representation of software as can be. If the binary format were augmented with metadata that provides security-relevant information, such as which data is intended by the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011193)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011193 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex. Apparently the hex passphrase...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011208)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011208 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/binfmt_elf: Fix memory leak in load_elf_binary. There is a memory leak reported by kmemleak:...
CVE-2026-40527
A flaw was found in radare2. A remote attacker can exploit this by crafting an ELF (Executable and Linkable Format) binary that embeds malicious commands within its DWARF (Debugging With Attributed Record Formats) parameter names. When radare2 analyzes such a binary, these embedded commands are...
CLSA-2026-1776691972 binutils: Fix of CVE-2025-7545
CVE-2025-7545: fix heap buffer overflow in objcopy copy_section...
BinDiff 8
BinDiff is an open-source comparison tool for binary files to quickly find differences and similarities in disassembled code...
angr 9.2.211
angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic ("concolic") analysis, providing tools to solve a variety of tasks...