Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS

TITLE: Race Condition in node-tar Path Reservations via Unicode Sharp-S ß Collisions on macOS APFS AUTHOR: Tomás Illuminati Details A race condition vulnerability exists in node-tar v7.5.3 this is to an incomplete handling of Unicode path collisions in the path-reservations system. On...

CVE-2026-23950

Summary of CVE-2026-23950 (node-tar) : A race condition in node-tar’s path-reservations on macOS APFS/HFS+ enables parallel processing of conflicting Unicode paths (e.g., “ß” vs “ss”), bypassing internal locks and allowing an Arbitrary File Overwrite . Affected are node-tar versions up to 7.5.3; ...

OSV-2026-53 Heap-use-after-free in graph::LigatureSubstFormat1::shrink

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475607265 Crash type: Heap-use-after-free READ 8 Crash state: graph::LigatureSubstFormat1::shrink graph::LigatureSubstFormat1::splitcontextt::shrink hbvectort graph::actuatesubtablesplitgraph::LigatureSu...

PT-2026-4643

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475607265 Crash type: Heap-use-after-free READ 8 Crash state: graph::LigatureSubstFormat1::shrink graph::LigatureSubstFormat1::split context t::shrink hb vector t graph::actuate subtable splitgraph::LigatureSu...

Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-1484)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single...

Important: ghostscript

Issue Overview: Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature. CVE-2020-36773 Affected Packages: ghostscri...

Design/Logic Flaw

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

DEBIAN-CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

Oracle Java mort TTF Table Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fontmanager...

Oracle Java mort TTF Table Ligature Substitution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fontmanager...