RockyLinux 9 : LibRaw (RLSA-2026:19345)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19345 advisory. LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based...

Important: Red Hat Security Advisory: LibRaw security update

An update for LibRaw is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2026-33741

EspoCRM prior to version 9.3.4 is affected by a Stored XSS via SVG attachments loading same-origin JavaScript. Versions 9.3.3 and earlier allow authenticated users to upload SVG attachments (through normal attachment fields) and later serve those SVGs as top-level inline documents via attachment ...

protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion

Summary protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON and Namespace.addJSON. A crafted JSON descriptor with deeply nested namespace definitions could cause the JavaScript call stack to be exhausted during descriptor loading. Impact An...

GHSA-JGGG-4JG4-V7C6 protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion

Summary protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON and Namespace.addJSON. A crafted JSON descriptor with deeply nested namespace definitions could cause the JavaScript call stack to be exhausted during descriptor loading. Impact An...

CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

ALSA-2026:19127 Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

ALSA-2026:19345 Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

PT-2026-42013

Name of the Vulnerable Software and Affected Versions CtrlPanel versions prior to 1.2.0 Description An authenticated admin-level user can achieve Remote Code Execution by supplying an arbitrary class name available in the Composer autoloader. The admin settings update endpoint accepts a fully...

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

CLSA-2026-1779127347 Fix CVE(s): CVE-2026-42050

SECURITY UPDATE: fix stack buffer overflow in XTileImage when loading malicious MIFF in display tool - debian/patches/CVE-2026-42050.patch: fix stack buffer overflow in XTileImage when loading malicious MIFF in display tool - CVE-2026-42050...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the SpriteFont file loading process. An attacker can execute arbitrary code by providing a specially crafted .spritefont file that triggers a 32-bit integer overflow during multiplication. This is only...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the SpriteFont file loading process when handling untrusted .spritefont files. An attacker can execute arbitrary code by supplying a crafted data file that triggers a 32-bit integer overflow during...

com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects

A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted javax.naming.Reference or serialized object to an application using the library. This can provoke the application to download and execute arbitrary...

c3p0: c3p0: Arbitrary Code Execution via deserialization of crafted objects

A flaw was found in c3p0, a Java Database Connectivity JDBC Connection pooling library. This vulnerability allows an attacker to achieve arbitrary code execution by providing maliciously crafted Java-serialized objects or javax.naming.Reference instances. By manipulating the userOverridesAsString...

com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects

A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted javax.naming.Reference or serialized object to an application using the library. This can provoke the application to download and execute arbitrary...

CVE-2026-45401 Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validateurl function in backend/openwebui/retrieval/web/utils.py only validates the initial URL submitted by the caller. The HTTP clients used downstream sync requests, async...

CVE-2026-44088

SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream reading from the beginning of the file, but loads classes using class JarFile/URLClassLoader reading the Central Directory from the end. It can lead to remote code execution by allowing an attacker to combine ...