PT-2026-24366

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.1 2471 and earlier Description The DNG SDK is affected by an Integer Overflow or Wraparound issue that may result in application denial-of-service. An attacker could exploit this to cause the application to crash or become...

iccDEV 缓冲区错误漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.5 contained a buffer error vulnerability. This vulnerability stemmed from the heap buffer overflow during the execution of the CIccMatrixMath::SetRange...

Siemens SICAM SIAPP SDK 缓冲区错误漏洞

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service or execute arbitrary code...

PT-2026-24180

If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer...

This Week in Spring - March 9th, 2026

Hi Spring fans! Welcome to another rip-roaring installment of This Week in Spring! I'm writing this in an Uber en route to the airport to get to awsome Atlanta, GA, for Devnexus 2026! Who's goin'? You goin'? We - the Spring team - will be there in force! Come say hi at the boothes or come see our...

GHSA-QR2G-P6Q7-W82M x402 SDK Security Advisory

Impact A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK. Who...

[SECURITY] Fedora 44 Update: pgadmin4-9.12-2.fc44

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

OPENSUSE-SU-2026:10301-1 kernel-devel-longterm-6.18.16-1.1 on GA media

These are all security issues fixed in the kernel-devel-longterm-6.18.16-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-23822

Name of the Vulnerable Software and Affected Versions hoppscotch versions prior to 2026.2.1 Description hoppscotch is an API development ecosystem. Prior to version 2026.2.1, the DELETE ''/v1/access-tokens/revoke'' endpoint allows any authenticated user to delete any other user's Personal Access...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (January 2026) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in January 2026. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is...

Exploits and vulnerabilities in Q4 2025

The fourth quarter of 2025 went down as one of the most intense periods on record for high-profile, critical vulnerability disclosures, hitting popular libraries and mainstream applications. Several of these vulnerabilities were picked up by attackers and exploited in the wild almost immediately...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1468)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1468 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats CVE-2023-53421 In the Linux kernel, the following...

Amazon Linux 2023 : libssh, libssh-config, libssh-devel (ALAS2023-2026-1461)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1461 advisory. libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not...

freetype2-devel-2.14.2-1.1 on GA media (moderate)

freetype2-devel-2.14.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10289-1 Rating: moderate Cross-References: CVE-2026-23865 CVSS scores: CVE-2026-23865 SUSE : 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2026-23865 SUSE : 4.6...

AirPlay Dual‑Mode Discovery Scanner for Flipper Zero ESP32 WiFi Dev Board

This project implements a dual‑mode AirPlay discovery scanner using an ESP32 WiFi Dev Board attached to a Flipper Zero. The tool is designed strictly for network discovery and visibility, not exploitation...

Adobe SDK 1.7.1 2410 Robust DNG File Generator / Stress Tester

This Python script generates a structurally valid DNG Digital Negative file containing an embedded JPEG XL JXL codestream...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - January 2026 CPU and CVE-2026-1188

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

OPENSUSE-SU-2026:10288-1 libblkid-devel-2.41.3-4.1 on GA media

These are all security issues fixed in the libblkid-devel-2.41.3-4.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2026-9319

IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD...

PT-2026-22746

Name of the Vulnerable Software and Affected Versions Tuya App and SDK version 24.07.11 Description A denial of service condition exists in Tuya App and SDK. The issue affects an unknown functionality within the JSON Data Point Handler component. Manipulation of the cruise time argument can lead ...