598 matches found

Cvelist
added 6 days ago, 27 views

CVE-2026-44420 FreeRDP cliprdr server heap-buffer-overflow via undersized capabilitySetLength in CB_CLIP_CAPS

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process...

8.8 CVSS, 0.00036 EPSS
Exploits: 1, References: 1
Vulnrichment
added 6 days ago, 3 views

CVE-2026-44420 FreeRDP cliprdr server heap-buffer-overflow via undersized capabilitySetLength in CB_CLIP_CAPS

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process...

8.8 CVSS, 6.2 AI score, 0.00036 EPSS
Exploits: 1, References: 1
CNNVD
added 6 days ago, 3 views

FreeRDP security vulnerability

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained security vulnerabilities. These vulnerabilities stemmed from malicious RDP clients being able to trigger a heap buffer overflow write in the server-side clipboard...

8.8 CVSS, 6.1 AI score, 0.00036 EPSS
Exploits: 1, References: 1
Broadcom
added 2026/05/19 12:0 a.m., 10 views

Security update provided in Brocade ASCG3.4.0b Base OS (OVA Deployment) for Rocky Linux Kernel

Security update provided in Brocade ASCG3.4.0b Base OS OVA Deployment for Rocky Linux Kernel. CVE-2022-50673 - Linux Kernel 'ext4' Vulnerable to Use-After-Free via Improper Error Handling in 'ext4_orphan_cleanup'. CVE-2022-50865 - Linux Kernel Vulnerable to Signed Integer Overflow via Backlog Limit...

7.8 CVSS, 5.8 AI score, 0.03752 EPSS
Exploits: 2
EUVD
added 2026/05/12 6:30 p.m., 5 views

EUVD-2026-29553

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustness_evaluation_fgsm_pytorch.py. The script uses the unsafe eval function to parse string values provided via the --clip_values and --input_shape command-line...

6.3 AI score, 0.00102 EPSS
Exploits: 0, References: 3
NVD
added 2026/05/12 6:16 p.m., 5 views

CVE-2026-31230

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustness_evaluation_fgsm_pytorch.py. The script uses the unsafe eval function to parse string values provided via the --clip_values and --input_shape command-line...

9.8 CVSS, 0.00102 EPSS
Exploits: 0, References: 2
Cvelist
added 2026/05/12 12:0 a.m., 27 views

CVE-2026-31230

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustness_evaluation_fgsm_pytorch.py. The script uses the unsafe eval function to parse string values provided via the --clip_values and --input_shape command-line...

0.00102 EPSS
Exploits: 0, References: 2
CVE
added 2026/05/12 12:0 a.m., 14 views

CVE-2026-31230

The CVE-2026-31230 vulnerability concerns the Adversarial Robustness Toolbox (ART) up to v1.20.1, specifically in its Kubeflow component (robustness_evaluation_fgsm_pytorch.py). The issue arises from using unsafe eval() to parse string values passed via --clip_values and --input_shape, enabling a...

9.8 CVSS, 6.3 AI score, 0.00102 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2026/05/12 12:0 a.m., 8 views

PT-2026-40117

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustness_evaluation_fgsm_pytorch.py. The script uses the unsafe eval function to parse string values provided via the --clip_values and --input_shape command-lin...

6.3 AI score, 0.00102 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2026/05/12 12:0 a.m., 2 views

CVE-2026-31230

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustness_evaluation_fgsm_pytorch.py. The script uses the unsafe eval function to parse string values provided via the --clip_values and --input_shape command-line...

6.3 AI score, 0.00102 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevented NULL dereferencing in clip_push. The committed code failed to account for calls to vccDestroySocket where clip_push is used with a NULL skb. If clip_devs is NULL, clip_push then crashes when reading skb->truesize...

5.5 CVSS, 6.6 AI score, 0.00066 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fixed an infinite recursive call of clip_push. syzbot reported this issue below. [0] This issue occurs when we call ioctl(ATMARP_MKIP) more than once. During the first call, clip_mkip sets clip_push to vcc->push; during the...

7.8 CVSS, 6.7 AI score, 0.00045 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2026/04/17 12:0 a.m., 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007555 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in to_atmarpd. atmarpd is protected by RTNL since commit...

5.5 CVSS, 6.2 AI score, 0.00051 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2026/04/17 12:0 a.m., 1 view

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007437)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007437 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it...

5.5 CVSS, 6.2 AI score, 0.00019 EPSS
Exploits: 0, References: 4
OSV
added 2026/04/14 10:16 p.m., 1 view

UBUNTU-CVE-2026-33019

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INT_MAX are accepted without overflow-safe bounds...

7.1 CVSS, 5.9 AI score, 0.00007 EPSS
Exploits: 1, References: 4
Packet Storm News
added 2026/04/10 12:0 a.m., 0 views

CLIP-Inspector: Model-Level Backdoor Detection for Prompt-Tuned CLIP Via OOD Trigger Inversion

Organisations with limited data and computational resources increasingly outsource model training to Machine Learning as a Service (MLaaS) providers, who adapt vision-language models (VLMs) such as CLIP to downstream tasks via prompt tuning rather than training from scratch. This semi-honest setting...

5.8 AI score
Exploits: 0
RedhatCVE
added 2026/04/02 4:56 p.m., 5 views

CVE-2026-33978

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

6.1 CVSS, 5.8 AI score, 0.00045 EPSS
Exploits: 1, References: 1
NVD
added 2026/04/01 5:28 p.m., 4 views

CVE-2026-33978

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

6.1 CVSS, 0.00045 EPSS
Exploits: 1, References: 3
Cvelist
added 2026/04/01 4:11 p.m., 21 views

CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

5.4 CVSS, 0.00045 EPSS
Exploits: 1, References: 3
Vulnrichment
added 2026/04/01 4:11 p.m., 3 views

CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

5.4 CVSS, 5.8 AI score, 0.00045 EPSS
Exploits: 1, References: 3