Lucene search
K

2360 matches found

NVD
NVD
added yesterday4 views

CVE-2026-48367

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-48274

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-48367

The CVE-2026-48367 entry concerns Adobe After Effects with an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected product: After Effects. Root cause details are...

7.8CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added yesterday21 views

CVE-2026-48367 After Effects | Out-of-bounds Write (CWE-787)

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-48274

CVE-2026-48274 affects Adobe After Effects with an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. The issue requires user interaction: a victim must open a malicious file. The connected records provide the same description across CVE an...

7.8CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added yesterday22 views

CVE-2026-48274 After Effects | Out-of-bounds Write (CWE-787)

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added yesterday3 views

Adobe After Effects < 25.6.6 / 26.0.0 < 26.3.0 Multiple Arbitrary code execution (APSB26-78) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-78 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-48274,...

7.8CVSS7.4AI score0.00299EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added yesterday3 views

Adobe After Effects < 25.6.6 / 26.0.0 < 26.3.0 Multiple Arbitrary code execution (APSB26-78)

The version of Adobe After Effects installed on the remote Windows host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-78 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-48274,...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References4
Schneier on Security
Schneier on Security
added 6 days ago11 views

The Language of AI Could Change How Humans Speak

Because of the way they are trained, large language models capture only a slice of human language. They're trained on the written word, from textbooks to social media posts, and our speech as captured in movies and on television. These models have minimal access to the unscripted conversations we...

5.9AI score
Exploits0
NVD
NVD
added 2026/07/08 2:17 p.m.9 views

CVE-2026-56776

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

7.4CVSS0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 1:49 p.m.33 views

CVE-2026-56776 n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

7.4CVSS0.00161EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 1:49 p.m.6 views

CVE-2026-56776 n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

5.3CVSS6.2AI score0.00161EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 1:30 p.m.3 views

MINI-VFX3-9F2J-4PR8

Bulletin has no description...

5.9CVSS6.6AI score0.00404EPSS
Exploits0
OSV
OSV
added 2026/06/29 7:28 a.m.15 views

MAL-2026-6590 Malicious code in envfile-sync-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 097a9a647e6d99cd53b881cae4fdd747d03b319388107c946c70b8804d3d917b On every import of envfile-sync-cli, src/index.js calls process.dlopen on bin/native/parser.node — a 2.9MB Windows PE executable sha256...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/24 2:17 p.m.4 views

UBUNTU-CVE-2026-42450

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/24 1:20 p.m.7 views

CVE-2026-42450

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS5.9AI score0.0012EPSS
Exploits0
Fedora
Fedora
added 2026/06/23 1:9 a.m.8 views

[SECURITY] Fedora 44 Update: thorvg-1.0.6-1.fc44

ThorVG is an open-source graphics library designed for creating vector-based scenes and animations. It combines immense power with remarkable lightweight efficiency, as Thor embodies a dual meaning=E2=80=94symbolizing both thundero us strength and lightning-fast agility. Embracing the philosophy ...

4.3CVSS5.8AI score0.00235EPSS
Exploits0
Fedora
Fedora
added 2026/06/23 12:54 a.m.5 views

[SECURITY] Fedora 43 Update: thorvg-1.0.6-1.fc43

ThorVG is an open-source graphics library designed for creating vector-based scenes and animations. It combines immense power with remarkable lightweight efficiency, as Thor embodies a dual meaning=E2=80=94symbolizing both thundero us strength and lightning-fast agility. Embracing the philosophy ...

4.3CVSS5.8AI score0.00235EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 10:28 p.m.13 views

Malicious code in clx-cookie-signature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0e91601d276764067b1b209efd17a1f59ef03ff4fc814bcb22c495f4a0f9b3 Package impersonates the popular cookie-signature library copying its README, author field 'TJ Holowaychuk ', and sign/unsign API, but index.js adds ...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/18 8:10 p.m.7 views

GHSA-CWPP-5962-Q4F6 OpenClaw: Exec allowlist could miss side effects from transparent command wrappers

Summary Exec allowlist could miss side effects from transparent command wrappers. In affected versions, a command request that reaches the exec allowlist path could be evaluated against the inner command while the wrapper invocation still executed. This advisory is scoped to the named feature and...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References4
Rows per page
Query Builder