CVE-2026-53754

CVE-2026-53754 affects Crawl4AI prior to version 0.8.8. The Docker API server’s SSRF protection (validate_webhook_url/validate_url_destination) used an explicit IPv4/IPv6 CIDR blocklist that missed several address families, allowing an unauthenticated attacker to reach internal services and cloud...

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

CVE-2026-54268 Angular: Denial of Service (DoS) via OOM in Date Formatting (formatDate)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service DoS vulnerability exists in the @angular/common package of the Angular framework. The formatDate function,...

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, audinserverrecvformats freed an incorrect number of audio formats upon parse failure i + i, resulting in out-of-bounds access in audioformatsfree. This vulnerability has been fixed in version 3.22.0...

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a malicious RDP server could trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. The audinprocessformats function reuses the callback-formatscount...

CVE-2026-47750

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the GLOBAL opcode...

CVE-2026-47750

The CVE-2026-47750 issue affects stable-diffusion.cpp in its pickle (.ckpt) parser (src/model.cpp). A heap buffer overflow occurs in the GLOBAL opcode handler due to missing validation while locating newline-delimited fields; a crafted .ckpt from an untrusted source can cause the parser to copy w...

Microsoft Security Advisory CVE-2026-45491 – .NET Tampering Vulnerability

Executive Summary Microsoft is releasing this security advisory to provide information about a vulnerability in System.Formats.Tar. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A tampering vulnerability exists in the...

[SECURITY] Fedora 43 Update: 7zip-26.01-1.fc43

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

[SECURITY] Fedora 44 Update: 7zip-26.01-1.fc44

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

CVE-2026-54394 MISP organisation logo path traversal allows retrieval of arbitrary PNG/SVG files

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...

Malicious code in sass-formats (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ccda832d10cb642350129278ae1fc341d3be8b8302ddbf9bdcfc15eeeb6eae8 The package name sass-formats is one character-edit away from the popular sass-formatter package and reuses its original author field "author": "Syle...

MAL-2026-5629 Malicious code in sass-formats (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ccda832d10cb642350129278ae1fc341d3be8b8302ddbf9bdcfc15eeeb6eae8 The package name sass-formats is one character-edit away from the popular sass-formatter package and reuses its original author field "author": "Syle...

Malicious Package

Overview sass-formats is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

ROS-20260610-73-0037

The vulnerability of the audinprocessformats function in the RDP client FreeRDP is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures remotely...

ROS-20260610-73-0038

The vulnerability of the audinprocessformats function in the RDP client FreeRDP is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures remotely...

sharp 安全漏洞

Sharp is a personal development tool by Lovell, designed to convert large images in common formats into smaller, web-friendly JPEG, PNG, WebP, GIF, and AVIF images. Versions of Sharp from 9.0.0 to 9.22.3 contained a security vulnerability. This vulnerability stemmed from the create and store...

PT-2026-48537

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.22.0 Description vLLM is an inference and serving engine for large language models. The software contains a supply-chain integrity issue where revision pinning controls are not consistently applied to all artifacts...

sharp 安全漏洞

Sharp is a personal development tool by Lovell, designed to convert large images in common formats into smaller, web-friendly JPEG, PNG, WebP, GIF, and AVIF images. Versions of Sharp prior to 9.22.0 contained a security vulnerability. This vulnerability stemmed from the general download endpoint...

EUVD-2025-210087

image-size 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2 contain a denial of service vulnerability in the findBox function when processing specially crafted images with zero-sized boxes. Remote attackers can cause application hang by supplying malicious JXL, HEIF, or JP2 image files with box size zer...