CVE-2026-7582

A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally...

CVE-2026-43054

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...

CVE-2026-31785 drm/xe/xe_pagefault: Disallow writes to read-only VMAs

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xepagefault: Disallow writes to read-only VMAs The page fault handler should reject write/atomic access to read only VMAs. Add code to handle this in xepagefaultservice after the VMA lookup. v2: - Apply max line length...

CVE-2026-31779

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwlmvmndmatchinfohandler The memcpy function assumes the dynamic array notif-matches is at least as large as the number of bytes to copy. Otherwise, results-matches may...

CVE-2026-31763

CVE-2026-31763 concerns the Linux kernel iio: gyro: mpu3050 driver. The issue arises from using the wrong IRQ handler during free_irq() in the teardown path: free_irq() is called with mpu3050 as the handler instead of the actual irq part pointer mpu3050->trig. The documented fix corrects the I...

CVE-2026-31763 iio: gyro: mpu3050: Fix incorrect free_irq() variable

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix incorrect freeirq variable The handler for the IRQ part of this driver is mpu3050-trig but, in the teardown freeirq is called with handler mpu3050. Use correct IRQ handler when calling freeirq...

CVE-2026-31762

CVE-2026-31762 affects the Linux kernel iio gyro mpu3050 driver. The root cause is an IRQ resource leak: during iio_trigger_register() failure, the interrupt handler is not properly released, leading to unreleased IRQ resources. The patch adds a cleanup goto to release the handler on error. Affec...

CVE-2026-7582

A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally...

CVE-2026-7582

CVE-2026-7582 affects AcademySoftwareFoundation OpenImageIO prior to 3.2.0.1-dev in the DDS Image Handler, specifically the file src/dds.imageio/ddsinput.cpp. The issue is an out-of-bounds write in the DDS input handling. Exploitation is described as local, with a public exploit available. A patc...

CVE-2026-7582 AcademySoftwareFoundation OpenImageIO DDS Image ddsinput.cpp out-of-bounds write

A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally...

CLSA-2026-1777641731 ImageMagick: Fix of CVE-2026-24481

CVE-2026-24481: heap information disclosure in PSD format handler via uninitialized memory in ZIP-compressed layer data...

CVE-2026-7578

A weakness has been identified in MacCMS Pro up to 2022.1.3. This vulnerability affects the function install of the file /admi.php/admin/addon/add.html of the component Plugin Installation Handler. Executing a manipulation can lead to unrestricted upload. The attack may be performed from remote...

CVE-2026-7578

MacCMS Pro

EUVD-2026-26495

A weakness has been identified in MacCMS Pro up to 2022.1.3. This vulnerability affects the function install of the file /admi.php/admin/addon/add.html of the component Plugin Installation Handler. Executing a manipulation can lead to unrestricted upload. The attack may be performed from remote...

CVE-2026-7538

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated remotely. The explo...

PT-2026-36490

Name of the Vulnerable Software and Affected Versions MixPHP Framework versions 2.x through 2.2.17 Description An unsafe deserialization issue exists where the session and cache handlers utilize the unserialize function on data retrieved from the filesystem within the FileHandler object...

CVE-2026-42473

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from the filesystem in the FileHandler object...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the iio gyro mpu3050 driver using the wrong interrupt handler variable in freeirq, which could lead to a...

PT-2026-36316

Name of the Vulnerable Software and Affected Versions MacCMS Pro versions prior to 2022.1.4 Description A weakness in the Plugin Installation Handler component allows for unrestricted file upload. This issue occurs within the install function of the file '/admi.php/admin/addon/add.html' and can b...

Mix PHP 代码问题漏洞

Mix PHP is Mix PHP open source a PHP command line mode development framework that supports seamless multi-server ecosystem switching. A code issue vulnerability exists in Mix PHP versions 2.x through 2.2.17 that stems from a session and cache handler call to unserialize on Redis data in the...