Security Bulletin: There is a vulnerability in pdfbox-2.0.28.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-33929)

Summary There is a vulnerability in pdfbox-2.0.28.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-33929 DESCRIPTION: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache PDFBox Examples...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mapletree: fixed the MASTATEPREALLOC flag in maspreallocate The preallocation flag is temporarily cleared when explicit requests for allocations are made. Existing allocations are already counted against the request through...

@mas.io/mas-chart (=0.0.2) potentially affected by unknown CVE via @antv/my-f2 (=2.1.7)

@antv/my-f2 NPM version =2.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/my-f2 and may be impacted: - @mas.io/mas-chart =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4070...

Astra Linux - уязвимость в linux-5.10

A use-after-free flaw was discovered in the Linux kernel’s Memory Management subsystem, where a user can win two races simultaneously due to a failure in the masprevSlot function. This issue could allow a local user to crash the system...

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1514)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1514 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent CVE-2025-71268 In the Linux kernel, the followi...

CVE-2026-32348

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

CVE-2026-23260

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on masstoregfp failure regcachemaplewrite allocates a new block 'entry' to merge adjacent ranges and then stores it with masstoregfp. When masstoregfp fails, the new 'entry' remains allocated and is neve...

CVE-2026-23260

CVE-2026-23260 involves the Linux kernel memory-leak in regmap maple: when mas_store_gfp() fails, the newly allocated 'entry' is not freed, leaking memory. The fix frees 'entry' on the failure path and frees the replaced neighbor blocks ('lower','upper') on success. Connected advisories show patc...

CVE-2026-23260 regmap: maple: free entry on mas_store_gfp() failure

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on masstoregfp failure regcachemaplewrite allocates a new block 'entry' to merge adjacent ranges and then stores it with masstoregfp. When masstoregfp fails, the new 'entry' remains allocated and is neve...

ROS-20260317-73-0007

A vulnerability in the maspreallocate function of the lib/mapletree.c module of the Linux kernel is related to pointer dereferencing resulting from incorrect memory allocation. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

EUVD-2026-11834

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

CVE-2026-32348

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

CVE-2026-32348 WordPress MAS Videos plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

CVE-2026-32348

The CVE-2026-32348 entry concerns the WordPress MAS Videos plugin (masvideos) with a Missing Authorization vulnerability due to incorrectly configured access control security levels. It affects MAS Videos versions up to and including 1.3.2. The connected documents substantiate the vulnerability d...

CVE-2026-32348

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

CVE-2026-32348 WordPress MAS Videos plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through = 1.3.2...

WordPress plugin MAS Videos 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2024-34164

Uncontrolled search path element in some IntelR MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access...

EUVD-2025-205865

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in MadrasThemes MAS Videos allows PHP Local File Inclusion.This issue affects MAS Videos: from n/a through 1.3.2...

CVE-2025-62753

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in MadrasThemes MAS Videos masvideos allows PHP Local File Inclusion.This issue affects MAS Videos: from n/a through = 1.3.4...