5018 matches found
CVE-2026-25799
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A logic error in the YUV sampling factor validation allows an invalid sampling factor to bypass security checks. This can trigger a division-by-zero error during image loading, leadi...
UBUNTU-CVE-2026-25799
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...
CVE-2026-25799 ImageMagick has Division-by-Zero in YUV sampling factor validation, which leads to crash
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...
EUVD-2026-7441
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...
CVE-2026-25799
CVE-2026-25799 (ImageMagick): A logic error in the YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, causing a reliable denial of service. This affects ImageMagick up to the patched releases; versions 7.1.2-15 an...
CVE-2026-25799
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...
CVE-2026-25799 ImageMagick has Division-by-Zero in YUV sampling factor validation, which leads to crash
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...
This Week in Spring - February 24th, 2026
Hi, Spring fans! Welcome to another awesome and oh-so-agentic week in Spring! We've got a ton to look into, and I've got even more to prepare for next week's DevNexus event in Atlanta, GA, so let's dive right into it! Be sure to say "hi" if you're going to be there, though! You've heard of Agent...
Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform
Splunk has fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. The vulnerabilities are in several versions of Splunk Enterprise and Splunk Cloud Platform. They allow low-privileged users to bypass protections, view sensitive information, and abuse the REST API for user...
CVE-2026-27197
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on t...
CVE-2026-27579
CollabPlatform is a full-stack, real-time doc collaboration platform. In all versions of CollabPlatform, the Appwrite project used by the application is misconfigured to allow arbitrary origins in CORS responses while also permitting credentialed requests. An attacker-controlled domain can issue...
CVE-2026-27579 CollabPlatform : CORS Misconfiguration Allows Arbitrary Origin With Credentials Leading to Authenticated Account Data Exposure
CollabPlatform is a full-stack, real-time doc collaboration platform. In all versions of CollabPlatform, the Appwrite project used by the application is misconfigured to allow arbitrary origins in CORS responses while also permitting credentialed requests. An attacker-controlled domain can issue...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation in the SAML SSO authentication process. An attacker can gain unauthorized access to user accounts by leveraging a malicious SAML Identity Provider and another organization configured on the same instance. Notes: - Thi...
CVE-2026-27197
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on t...
CVE-2026-27197
Affected product: Sentry (self-hosted) versions 21.12.0–26.1.0. Vulnerability: Critical flaw in the SAML SSO implementation that can allow an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same Sentry instance. Conditions: Self-h...
CVE-2026-27197 Sentry: Improper Authentication on SAML SSO process allows user identity linking
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on t...
CVE-2026-27197 Sentry: Improper Authentication on SAML SSO process allows user identity linking
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on t...
CVE-2026-27197
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on t...
CVE-2026-27197 Sentry: Improper Authentication on SAML SSO process allows user identity linking
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on t...
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses...