CVE-2026-33020

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixelframeconverttorgb888 in frame.c, where allocation size and pointer offset computations for palettised images PAL1, PAL...

CVE-2026-33020

libsixel versions up to 1.8.7 are affected by an integer overflow in sixel_frame_convert_to_rgb888() that causes a heap buffer overflow when handling palettised images (PAL1, PAL2, PAL4). The allocation size and pointer arithmetic use int, leading to an undersized heap allocation and negative off...

CVE-2026-33020 libsixel: Integer Overflow in write_png_to_file() leads to Heap-based Buffer Overflow

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixelframeconverttorgb888 in frame.c, where allocation size and pointer offset computations for palettised images PAL1, PAL...

EUVD-2026-22744

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixelframeconverttorgb888 in frame.c, where allocation size and pointer offset computations for palettised images PAL1, PAL...

CVE-2026-33019

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INTMAX are accepted without overflow-safe bounds...

CVE-2026-33019 libsixel: Integer overflow leads to Out-of-bounds Read in img2sixel

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INTMAX are accepted without overflow-safe bounds...

CVE-2026-33019

Summary: The issue affects libsixel versions up to 1.8.7 and prior, where the --crop handling in img2sixel can overflow when coordinates are large. In sixel_encoder_do_clip(), clip_w + clip_x overflows for clip_x = INT_MAX, bypassing bounds checks and allowing an unclamped coordinate to reach six...

CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

EUVD-2026-22418

Integer size truncation in Windows Advanced Rasterization Platform WARP allows an unauthorized attacker to elevate privileges locally...

EUVD-2026-22445

Integer underflow wrap or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

EUVD-2026-22340

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via...

CVE-2026-27907

Integer underflow wrap or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVE-2026-26178

Integer size truncation in Windows Advanced Rasterization Platform WARP allows an unauthorized attacker to elevate privileges locally...

SUSE-SU-2026:1332-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. - CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. - CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. - CVE-2026-34002: XKB...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. CVE-2026-34002: XKB...

SUSE-SU-2026:1331-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. - CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. - CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. - CVE-2026-34002: XKB...

CVE-2026-39811

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via...

CVE-2026-39811

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via...

CVE-2026-39811

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via...

CVE-2026-39811

Summary: CVE-2026-39811 is described as an integer overflow or wraparound vulnerability in Fortinet FortiWeb products, potentially enabling denial of service. Affected products/versions (per provided documents): FortiWeb 8.0.0–8.0.3; FortiWeb 7.6.0–7.6.6; FortiWeb 7.4 (all versions); FortiWeb 7.2...