DEBIAN-CVE-2026-40916

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

CVE-2026-40186

ApostropheCMS is affected by CVE-2026-40186 due to a regression in sanitize-html (commit 49d0bb7) that bypasses allowedTags for text inside nonTextTagsArray elements (textarea, option). Versions: the vulnerability exists in ApostropheCMS 4.28.0 via its sanitize-html dependency (2.17.1). The root ...

CVE-2026-40186 ApostropheCMS: sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements

ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...

CVE-2026-40186 ApostropheCMS: sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements

ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...

CVE-2026-21726 Loki Path Traversal - CVE-2021-36156 Bypass

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/namespace Thanks to Prasanth Sundararajan for reporting this vulnerability...

CVE-2026-21726

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/namespace Thanks to Prasanth Sundararajan for reporting this vulnerability...

CVE-2026-40916 Gimp: gimp: denial of service due to stack buffer overflow in tim image loader

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

Cross-site Scripting (XSS)

Unhead is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper decoding and validation of HTML entities in URI schemes, which allows an attacker to bypass protocol checks using padded entities and inject malicious scripts into the rendered HTML...

perl-YAML-Syck: YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter

Multiple security issues have been discovered in the perl YAML::Syck module. A heap overflow occurs when class names exceed the initial 512-byte allocation, a base64 decoder could read past the buffer end on trailing newlines. strtok mutated n-typeid in place, corrupting shared node data, and a...

PT-2026-33127

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

Pillow 安全漏洞

Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 10.3.0 to 12.1.1 contain security vulnerabilities. These vulnerabilities stem from the lack of restrictions on the amount of GZIP compressed data read during the decoding of FITS images, which may lead ...

CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

CVE-2026-5443

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

SUSE CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

[SECURITY] Fedora 44 Update: libkdcraw-26.03.80-2.fc44

Libkdcraw is a C++ interface around LibRaw library used to decode RAW picture files. More information about LibRaw can be found at http://www.libraw.org...

[SECURITY] Fedora 44 Update: kf5-libkdcraw-23.08.5-7.fc44

Libkdcraw is a C++ interface around LibRaw library used to decode RAW picture files. More information about LibRaw can be found at http://www.libraw.org...

CVE-2026-3446

A flaw was found in the Python base64 module. When decoding base64 data using functions like base64.b64decode, the decoding process prematurely stops upon encountering the first padding character. This can result in incomplete data being processed, where any information following the initial...

CVE-2026-40386

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

Medium: openexr

Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that...

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1561)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1561 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B4...