CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11637

Use after free in Views in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2026-11637

Use after free in Views in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2026-11639

Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11639

Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11641

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

DEBIAN-CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

PT-2026-47910

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A heap-based buffer overflow in the Remote Desktop Client allows an unauthorized attacker to execute code over a network. A heap-based buffer overflow occurs when a program writes...

Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2026-30141

The CVE-2026-30141 entry concerns bitbank2 AnimatedGIF v2.2.0, where a vulnerability in DecodeLZW constitutes a buffer overflow. This allows remote attackers to cause a crash (DoS) or potentially execute arbitrary code via a crafted GIF file. The available documents specify the affected product a...

PT-2026-47960

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-47958

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-47934

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-48109

Name of the Vulnerable Software and Affected Versions Windows Media affected versions not specified Description A heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute arbitrary code locally or remotely, potentially affecting the entire system. A heap-based buffer...

Progress Software Kemp LoadMaster dodelapikey Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the dodelapikey method. The issue results from the lack of proper...

PT-2026-48031

Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description An issue in Microsoft Office, specifically affecting the Microsoft Outlook email client and Microsoft Word text editor, involves type confusion—where a resource is accessed using an...

PT-2026-47826

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...