EulerOS 2.0 SP11 : libarchive (EulerOS-SA-2026-2210)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing...

Apache Answer 代码问题漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the upload of dangerous types of files. Custom TIFF images might trigger...

APSB26-65 : Security update available for Adobe Format Plugins

Adobe has released an update for Adobe Format Plugins. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`

Impact dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes - path separators /, , parent-directory components .., and other filename-hostile characters e.g. : were preserved verbatim and...

CVE-2026-46384

An integer overflow flaw was found in Go Avro in decoding logic. Multiple decoder paths performs unsafe integer conversions and overflow-prone arithmetic operations on attacker-controlled values from Avro payloads. A remote attacker during Avro decoder operations could exploit this issue using...

CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

JLSEC-2026-583 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an...

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...

USN-8399-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled large glyph advance values in fonts. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. CVE-2026-42308 It was discovered that Pillow incorrectly handled nested coordinate lists in certain APIs. An...

Amazon Linux 2023 : postgresql18, postgresql18-contrib, postgresql18-llvmjit (ALAS2023-2026-1780)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1780 advisory. Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to...

Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2026-024 (ALASPOSTGRESQL14-2026-024)

The version of postgresql installed on the remote host is prior to 14.23-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2026-024 advisory. Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use...

PT-2026-47332

Improper Handling of Highly Compressed Data Data Amplification vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb response bodies. Req's default response pipeline includes Req.Steps.decode body/1 and Req.Steps.decompres...

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2026-1768)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1768 advisory. Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to...

CVE-2026-6242

An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into event subscription requests or notification generation pa...

CVE-2026-6241

An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitization. An attacker can inject format specifiers into ONVIF scope parameters to manipulate memory...

cereal 安全漏洞

Cereal is an open-source C++11 serialization library developed by iLab at USC. It supports binary, XML, and JSON formats. Versions of Cereal 1.3.2 and earlier contain security vulnerabilities. These vulnerabilities stem from unknown functions in the Shared Pointer Handler component, which may lea...

CVE-2026-8502

Technical details for CVE-2026-8502 are not provided in the connected documents; the available description notes exposure via c_status and return_type in LearnPress

EUVD-2026-34937

An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into event subscription requests or notification generation pa...

EUVD-2026-34936

An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitization. An attacker can inject format specifiers into ONVIF scope parameters to manipulate memory...

CVE-2026-6241

An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitization. An attacker can inject format specifiers into ONVIF scope parameters to manipulate memory...

CVE-2026-6242

An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into event subscription requests or notification generation pa...