EUVD-2026-1153

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior UB and Out of Memory errors. This issue is fixed in version 2.3.1.2...

SUSE CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

PT-2026-1405

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and earlier contain Undefined Behavior UB and Out of Memory errors. Undefined Behavior refers ...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2025-094 (ALASDOCKER-2025-094)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-094 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed...

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2025-091 (ALASECS-2025-091)

The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-091 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the...

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2026-1004)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2...

EUVD-2026-0733

Malicious code in orchestration-node-common-errors npm...

Malicious code in orchestration-node-common-errors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d35f5a5c8b3e75118553234caeef3ebb1eb546d8a678904707d18ef47a16ab9b The package orchestration-node-common-errors was found to contain malicious code. Source: ghsa-malware...

MAL-2026-21 Malicious code in orchestration-node-common-errors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d35f5a5c8b3e75118553234caeef3ebb1eb546d8a678904707d18ef47a16ab9b The package orchestration-node-common-errors was found to contain malicious code. Source: ghsa-malware...

Information Exposure

Overview ttsfm is a Text-to-Speech API Client with OpenAI compatibility Affected versions of this package are vulnerable to Information Exposure due to verbose and unsanitized error handling in FFmpeg-related operations. An attacker can deliberately trigger FFmpeg errors using malformed audio...

EUVD-2025-206095

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

PT-2026-27670

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to error handling within the rocket probe function in the accel/rocket component. Specifically, improper unwinding occurs when rocket core init...

Linux Distros Unpatched Vulnerability : CVE-2025-69412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of...