PT-2026-23467

Name of the Vulnerable Software and Affected Versions Rakuten Viber versions 25.6.0.0 through 25.8.1.0 Description Rakuten Viber’s Cloak mode on Android version 25.7.2.0g and Windows versions 25.6.0.0 through 25.8.1.0 employs a consistent TLS ClientHello fingerprint that lacks extension diversity...

A flawed TLS handshake implementation affects Viber Proxy in multiple platforms

Overview The Rakuten Viber messaging app for Android V25.7.2.0g and Windows V25.6.0.0-V25.8.1.0, has a flaw in its TLS handshake implementation when using the Cloak proxy configuration. This flaw allows for easy identification of proxy usage, potentially compromising user anonymity. Description...

GHSA-WF6X-7X77-MVGW Immutable is vulnerable to Prototype Pollution

Impact What kind of vulnerability is it? Who is impacted? A Prototype Pollution is possible in immutable via the mergeDeep, mergeDeepWith, merge, Map.toJS, and Map.toObject APIs. Affected APIs | API | Notes | | --------------------------------------- |...

Prototype Pollution

Overview Affected versions of this package are vulnerable to Prototype Pollution in the mergeDeep, mergeDeepWith, merge, Map.toJS, and Map.toObject functions. An attacker can inject arbitrary properties into object prototypes by supplying crafted input containing special keys, potentially leading...

EUVD-2026-9454

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

CVE-2026-20007

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

CVE-2026-20007

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

CVE-2026-20007

The CVE-2026-20007 issue affects Cisco Secure Firewall Threat Defense (FTD) Software with Snort 2/3 deep packet inspection. A logic error in the integration of Snort Engine rules can cause different Snort rules to be hit during deep inspection of inner and outer connections, enabling an unauthent...

CVE-2026-20007 Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

PT-2026-23010

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

DEBIAN-CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

UBUNTU-CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVE-2026-27622

OpenEXR vulnerability CVE-2026-27622 arises from an integer overflow in CompositeDeepScanLine::readPixels, where per-pixel totals are accumulated into total_sizes and wrapped modulo 2^32, causing derived overall_sample_count to mis-size samples and leading to a heap out-of-bounds write in core un...

EUVD-2026-9342

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

GHSA-62F6-MRCJ-V8H5 OpenClaw's runtime /debug override path accepted prototype-reserved keys

Summary OpenClaw accepted prototype-reserved keys in runtime /debug set override object values proto, constructor, prototype. Impact /debug is disabled by default, and exploitation requires an already authorized /debug set caller. No unauthenticated vector was identified. This issue affects runti...