EUVD-2026-37865

8cc is vulnerable to an Out‑of‑Bounds Read due to improper handling of line directives and GNU linemarkers. The compiler accepts attacker-controlled filename and line number metadata and later uses it without validation when accessing source line arrays. By supplying invalid or oversized line...

EUVD-2026-34237

Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035...

CVE-2026-42197

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

CVE-2026-39103

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...

UBUNTU-CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

Command Injection

Overview flowsint is an Add your description here Affected versions of this package are vulnerable to Command Injection via the orgtoasn transform process. An attacker can execute arbitrary operating system commands as root on the host machine by supplying shell metacharacters and escaping the...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the query plugin. An attacker can gain unauthorized access to resources belonging to other organizations by executing VQL queries with their current ACL token, thereby inheriting their permissions across...

Replay Attack

Overview @openclaw/voice-call is an OpenClaw voice-call plugin Affected versions of this package are vulnerable to Replay Attack due to improper derivation of the replay key in the webhook-security.ts process. An attacker can bypass replay protection and submit multiple authenticated requests by...

EUVD-2026-14500

AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr...

Server-side Request Forgery (SSRF)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the isSSRFSafeURL function in the unauthenticated plugin/LiveLinks/proxy.php endpoint. An attacker can access internal network...

Origin Validation Error

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Origin Validation Error via the @localcheck decorator. An attacker can gain unauthorized access to restricted API endpoints by spoofing the Host header in...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the WebSocket connect process. An attacker can inject unauthorized node.event messages by connecting with a shared gateway token and claiming role=node without...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the bypass method. An attacker can access internal network resources by leveraging a 302 redirect to bypass existing security restrictions. PoC python from flask import Flask, redirect app = Flasknam...

Expired Pointer Dereference

Overview Affected versions of this package are vulnerable to Expired Pointer Dereference via mongocbulkoperationt when large options are passed. An attacker can cause the application to read invalid memory. Remediation Upgrade mongo-c-driver to version 1.30.6 or higher. References - GitHub Commit...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the uclincludecommon function. An attacker can execute arbitrary code or cause a denial of service by supplying crafted input to this function. Remediation A fix was pushed into the master branch but not y...

DEBIAN-CVE-2023-53324

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...

OS Command Injection

Overview @wong2/mcp-cli is an A CLI inspector for the Model Context Protocol Affected versions of this package are vulnerable to OS Command Injection via the redirectToAuthorization function in src/oauth/provider.js. Attackers can setup a MCP server with compatible OAuth authorization server...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the SplitRTR function in the rtr.go file, which allows access to data without checking the input length. An attacker can cause a denial of service by sending specially crafted input. Remediation Upgrade...