CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted media fil...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20616

CVE-2026-20616: An out-of-bounds write issue affecting USD file processing was mitigated by improved bounds checking. It is fixed in iOS 18.7.5 / iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, and visionOS 26.3. Exploitation could cause unexpected app termination. This CVE, tied to multipl...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20611

CoreAudio in Apple platforms is affected by CVE-2026-20611, an out-of-bounds access issue that can cause an app to terminate or memory corruption when processing a malicious media file. Affected products/versions include iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...

PT-2026-7750

Name of the Vulnerable Software and Affected Versions macOS Tahoe versions prior to 26.3 macOS Sonoma versions prior to 14.8.4 macOS Sequoia versions prior to 15.7.4 watchOS versions prior to 26.3 tvOS versions prior to 26.3 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 visionOS...

PT-2026-7754

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 macOS Sonoma versions prior to 14.8.4 macOS Tahoe versions prior to 26.3 visionOS versions prior to 26.3 Description An out-of-bounds write issue exists due to insufficient bounds...

About the security content of macOS Sequoia 15.7.4

About the security content of macOS Sequoia 15.7.4 This document describes the security content of macOS Sequoia 15.7.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

AMD EPYC 9005 Series 安全漏洞

The AMD EPYC 9005 Series is a series of processors developed by American semiconductor company AMD. The AMD EPYC 9005 Series contains security vulnerabilities, which stem from improper bounds checking. These vulnerabilities may lead to writes to host memory and loss of integrity...

Oracle Linux 10 : kernel (ELSA-2026-2282)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2282 advisory. - mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. Davide Caratti RHEL-129044 CVE-2025-40133 - vsock/vmci: Clear the vmci transport packet...

kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters, leading to an out ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005169 advisory. In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemapread If the caller supplies an iocb-kipos value that is...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21735)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21735 advisory. - In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in...

MiracleLinux 9 : webkit2gtk3-2.46.1-2.el9_4 (AXSA:2024-8945:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8945:04 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web...

kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses

A bounds-checking flaw was found in the Linux kernel Small Computer System Interface Enclosure Services driver in the way descriptor pointers are validated while processing enclosure data. Missing checks could allow an out-of-bounds access during parsing. A local user could use this flaw to crash...

SUSE CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001164 advisory. An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002593 advisory. An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to re...