PT-2026-38395

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description Sandboxed code can call the Buffer.alloc function with an arbitrary size to allocate memory directly on the host heap. Because Buffer.alloc is a synchronous C++ native call, the timeout option cannot...

CVE-2026-31660

A flaw was found in the Linux kernel's Near Field Communication NFC pn533 driver. This vulnerability arises from an issue in how the driver manages receive buffers. When processing incoming data, the driver may attempt to write to a non-existent buffer if a new one fails to allocate. This can lea...

CVE-2026-41416 PJSIP: Asymmetric ptime integer overflow in Media Stream

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an integer overflow in media stream buffer size calculation when processing SDP with asymmetric ptime configuration. The overflow may result in an undersized buffer allocation, which can...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011244 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from inconsistencies in byte-per-pixel calculations and pixel buffer allocations within the PSD encoder. This can lead to heap buffer overflows...

UBUNTU-CVE-2026-40915

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when processing pixel...

CVE-2026-40915

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when processing pixel...

CVE-2026-32316

A flaw was found in jq, a command-line JSON processor. An attacker can exploit an integer overflow vulnerability by crafting queries that produce extremely large strings. This causes a 32-bit unsigned integer overflow in the buffer allocation size calculation, leading to a drastically undersized...

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service daemon panic for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

DEBIAN-CVE-2026-4151

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

CVE-2026-4154

ZDI-26-221 describes a remote code execution vulnerability in GIMP caused by an integer overflow during XPM file parsing. The flaw occurs due to inadequate validation of XPM data, leading to an overflow when allocating a buffer. Exploitation requires user interaction (target must open a malicious...

CVE-2026-33781

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service DoS. On EX4k, and QFX5k platforms configur...

CVE-2026-5444

The CVE-2026-5444 entry describes a heap buffer overflow in Orthanc’s PAM image parsing when processing DICOM files with a crafted PAM image. The flaw arises from multiplying image dimensions using 32-bit unsigned arithmetic, which can overflow during buffer size calculation. This results in allo...

CVE-2026-5444 Heap Buffer Overflow in PAM Image Buffer Allocation

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

CVE-2026-5444 Heap Buffer Overflow in PAM Image Buffer Allocation

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

EUVD-2026-9087

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

CVE-2025-8860

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFIVARSREGBUFFERSIZE, the .write callback uefivarswrite is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. Wh...

nodejs: Nodejs uninitialized memory exposure

A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...

nodejs: Nodejs uninitialized memory exposure

A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...