3674 matches found
CVE-2026-14650
Technical details about CVE-2026-14650 are not publicly available in the provided documents. Monitor for updates.
UBUNTU-CVE-2026-53346
In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...
CVE-2026-57451
A flaw in Vim allows an attacker to cause a Denial of Service DoS via an application crash. If a user opens a maliciously crafted undo file, an out-of-bounds read is triggered in the gettextprops function due to missing length validation on property counts. Mitigation Users are advised to avoid...
CVE-2026-53110
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler for the s390x architecture. The system's Application Binary Interface ABI requires that unsigned arguments and return values be zero-extended. However, the BPF JIT compiler incorrectly performed only sign...
CVE-2026-21734
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
EUVD-2026-39785
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
CVE-2026-21734 GPU DDK - libusc OOB write at TreeRemove during WebGPU shader compilation
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
CVE-2026-21734
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
PT-2026-52841
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A GPU shader compiler library contains a flaw where loading a web page with unusual GPU shader code can trigger an out-of-bounds write. This occurs during an edg...
EUVD-2026-38967
In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIGCFICLANG to CONFIGCFI This was renamed in commit 23ef9d439769 "kcfi: Rename CONFIGCFICLANG to CONFIGCFI" as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out...
EUVD-2026-38268
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an issue in the @angular/compiler package allows bypassing DOM property sanitization through the use of two-way property...
CVE-2026-54265
The CVE-2026-54265 issue affects the Angular @angular/compiler, where two-way binding on sensitive native DOM properties (e.g., innerHTML, src, href, data, sandbox) can bypass the sanitizer resolution. Prior to versions 22.0.1, 21.2.17, and 20.3.25, the template compiler failed to apply the appro...
CVE-2026-54265
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an issue in the @angular/compiler package allows bypassing DOM property sanitization through the use of two-way property...
Cross-Site Scripting (XSS)
Angular is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the Angular template compiler failing to apply the required sanitizer for sensitive native DOM properties used with two-way property bindings, which allows an attacker to bypass Angular's built-in DOM sanitization and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: es58xrxerrmsg – fixed a memory leak in the error handling path. In es58xrxerrmsg, if can-dosetmode fails, the function directly returns without calling netifrxskb. This means that the skb allocated by alloccanerrs...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in Oracle Java SE Component: Compiler. The supported versions affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. This vulnerability is difficult to exploit, allowing an unauthenticated attacker with network access via multiple protocols to compromise...
Astra Linux – Vulnerability in Linux
In memzeroexplicit of compiler-clang.h, there is a possible way to bypass defense in depth due to uninitialized data. This could lead to the disclosure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android...
Astra Linux – Vulnerability in openjdk-11, bcel
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...
Astra Linux – Vulnerability in Firefox and Thunderbird
A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and Thunderbird 102.10...
Astra Linux – Vulnerability in Firefox
A memory-out-of-memory condition during object initialization could lead to an empty shape list. If the JIT compiler traces the object subsequently, it will cause a crash. This vulnerability affects Firefox versions less than 125...