Double Free

Overview Affected versions of this package are vulnerable to Double Free in the certificate verification path, in the TLS client's OCSP stapling response handling. An attacker operating a malicious server can deliver an OCSP response via the statusrequest extension that corrupts heap memory and...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in PKCS7verify. An attacker supplying a PKCS7 or S/MIME signed message whose SignedData digestAlgorithms field is an empty ASN.1 SET can cause a caller-owned BIO to be freed during verification. A subsequent use of that B...

EUVD-2026-35455

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device...

EUVD-2026-35466

Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting product's confidentiality or change certain configurations...

EUVD-2026-35707

Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...

EUVD-2026-35519

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

EUVD-2026-35709

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

EUVD-2026-35508

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-35516

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

EUVD-2026-35518

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

EUVD-2026-35517

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...

EUVD-2026-35697

Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network...

EUVD-2026-35700

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

EUVD-2026-35501

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network...

EUVD-2026-35699

Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...

EUVD-2026-35505

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

EUVD-2026-35692

Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network...

EUVD-2026-35690

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

EUVD-2026-35691

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-35686

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...