2360 matches found
CVE-2026-48367
After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48274
After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48367
The CVE-2026-48367 entry concerns Adobe After Effects with an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected product: After Effects. Root cause details are...
CVE-2026-48367 After Effects | Out-of-bounds Write (CWE-787)
After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48274
CVE-2026-48274 affects Adobe After Effects with an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. The issue requires user interaction: a victim must open a malicious file. The connected records provide the same description across CVE an...
CVE-2026-48274 After Effects | Out-of-bounds Write (CWE-787)
After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Adobe After Effects < 25.6.6 / 26.0.0 < 26.3.0 Multiple Arbitrary code execution (APSB26-78) (macOS)
The version of Adobe After Effects installed on the remote macOS host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-78 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-48274,...
Adobe After Effects < 25.6.6 / 26.0.0 < 26.3.0 Multiple Arbitrary code execution (APSB26-78)
The version of Adobe After Effects installed on the remote Windows host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-78 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-48274,...
The Language of AI Could Change How Humans Speak
Because of the way they are trained, large language models capture only a slice of human language. They're trained on the written word, from textbooks to social media posts, and our speech as captured in movies and on television. These models have minimal access to the unscripted conversations we...
CVE-2026-56776
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...
CVE-2026-56776 n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...
CVE-2026-56776 n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...
MINI-VFX3-9F2J-4PR8
Bulletin has no description...
MAL-2026-6590 Malicious code in envfile-sync-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 097a9a647e6d99cd53b881cae4fdd747d03b319388107c946c70b8804d3d917b On every import of envfile-sync-cli, src/index.js calls process.dlopen on bin/native/parser.node — a 2.9MB Windows PE executable sha256...
UBUNTU-CVE-2026-42450
OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...
CVE-2026-42450
OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...
[SECURITY] Fedora 44 Update: thorvg-1.0.6-1.fc44
ThorVG is an open-source graphics library designed for creating vector-based scenes and animations. It combines immense power with remarkable lightweight efficiency, as Thor embodies a dual meaning=E2=80=94symbolizing both thundero us strength and lightning-fast agility. Embracing the philosophy ...
[SECURITY] Fedora 43 Update: thorvg-1.0.6-1.fc43
ThorVG is an open-source graphics library designed for creating vector-based scenes and animations. It combines immense power with remarkable lightweight efficiency, as Thor embodies a dual meaning=E2=80=94symbolizing both thundero us strength and lightning-fast agility. Embracing the philosophy ...
Malicious code in clx-cookie-signature (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0e91601d276764067b1b209efd17a1f59ef03ff4fc814bcb22c495f4a0f9b3 Package impersonates the popular cookie-signature library copying its README, author field 'TJ Holowaychuk ', and sign/unsign API, but index.js adds ...
GHSA-CWPP-5962-Q4F6 OpenClaw: Exec allowlist could miss side effects from transparent command wrappers
Summary Exec allowlist could miss side effects from transparent command wrappers. In affected versions, a command request that reaches the exec allowlist path could be evaluated against the inner command while the wrapper invocation still executed. This advisory is scoped to the named feature and...