CVE-2026-6846

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution,...

CVE-2026-6846

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution,...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the elfx8664relocatesection function. An attacker can cause a heap-based buffer overflow by providing specially crafted input files during the linking process. Remediation A fix was pushed into the master...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the bfdelfgcrecordvtentry function. An attacker can cause a denial of service by providing specially crafted input files that trigger an out-of-bounds read during the linking process. Remediation A fix was pushed...

Rockstar Games: Account Takeover using Linked Accounts due to lack of CSRF protection

In this report, the researcher found a weakness in our third-party account linking process. They were able to create a malicious link that, if clicked by the victim, would under certain conditions give the attacker access to the victim's Social Club account. This issue has now been fixed...