CVE-2026-12491

A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...

MGASA-2022-0006 Updated singularity packages fix security vulnerability

A dependency used to extract docker/OCI image layers can be tricked into modifying host files by creating a malicious layer that has a symlink with the name "." or "/", when running as root. CVE-2021-29136 Dde to incorrect use of a default URL, singularity action commands run/shell/exec specifyin...

The vulnerability of Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to improper syntactic analysis of page content or interpretation of data entered by users. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to incorrect syntax analysis of page content or improper interpretation of data entered by users. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

WebCalendar 1.0.1 Layers_Toggle.PHP HTTP Response Splitting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15673/info WebCalendar is prone to an HTTP response-splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to...