UBUNTU-CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

CVE-2026-5185

A security flaw in Nothings stb_image up to 2.30 affects the function stbi__gif_load_next in stb_image.h (Multi-frame GIF File Handler). The issue is a heap-based buffer overflow exploitable with local access. The exploit has been released publicly; vendor was contacted but did not respond. No re...

stb 资源管理错误漏洞

STB is a public domain library for C/C++ developed by Sean Barrett. Versions of STB prior to 2.30 contained a resource management vulnerability, which stemmed from incorrect operations on the stbiloadgifmain function in the stbimage.h file. This vulnerability could lead to double deallocation of...

Linux Distros Unpatched Vulnerability : CVE-2026-5201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color...

stb 安全漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 2.30 contained security vulnerabilities, which stemmed from incorrect operations on the stbigifloadnext function in the stbimage.h file, potentially leading to heap buffer overflows...

gdk-pixbuf 安全漏洞

gdk-pixbuf is an open-source image loading library developed by GNOME. gdk-pixbuf has a security vulnerability that stems from the improper validation of color component counts during the processing of specially crafted JPEG images by the JPEG image loader. This can lead to a heap buffer overflow...

PT-2026-29202

A security flaw has been discovered in Nothings stb image up to 2.30. This affects the function stbi gif load next of the file stb image.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has...

EUVD-2026-17119

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...

Directory Traversal

Overview crewai-tools is a Set of tools for the crewAI framework Affected versions of this package are vulnerable to Directory Traversal via the JSON loader tool due to lack of path validation. An attacker can access arbitrary files on the server by supplying crafted file paths. Details A Directo...

CVE-2026-2285

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...

CVE-2026-2285 CVE-2026-2285

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...

CVE-2026-2285

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...

CVE-2026-2285

CrewAI CVE-2026-2285 is an arbitrary local file read vulnerability in the JSON loader tool, caused by lack of path validation in the loader. Affected ecosystem details indicate affected crewai-tools transitive deps (crewai-tools >=0.13.2,

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings venv-salt-minion: Fix the typo causing buiding EL9 bundle without binary dependencies Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase...

SUSE-SU-2026:1142-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: mgr-push: - Version 5.2.3-0 Disable build for SLES 16 rhnlib: - Version 5.2.4-0 Disable build for SLES 16 spacecmd: - Version 5.2.6-0 Update translation strings spacewalk-client-tools: - Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: - Version...

SUSE-SU-2026:1141-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...

PT-2026-29206

Name of the Vulnerable Software and Affected Versions gdk-pixbuf affected versions not specified Description A flaw exists in the gdk-pixbuf library within the JPEG image loader. This heap-based buffer overflow occurs due to improper validation of color component counts when processing a speciall...

PT-2026-29049

Name of the Vulnerable Software and Affected Versions CrewAI affected versions not specified Description The software contains a flaw where the JSON loader tool reads files without proper path validation. This allows unauthorized access to files on the server. The issue involves an arbitrary loca...

OPENSUSE-SU-2026:10460-1 gdk-pixbuf-loader-libheif-1.21.2-2.1 on GA media

These are all security issues fixed in the gdk-pixbuf-loader-libheif-1.21.2-2.1 package on the GA media of openSUSE Tumbleweed...