PT-2026-48814

Impact A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4BlockArray. The decoder implementation is based on a deprecated fast-decompression algorithm that does not take a source-length bound. A remote attacker can send a crafted...

PT-2026-48689

Impact AsyncListener.handle query or defer retained every truncated TC-bit incoming query in self. deferredaddr and armed a per-addr timer in self. timersaddr that flushed the reassembled query within 500 ms RFC 6762 §18.5. Neither the per-addr list nor the number of distinct addr keys was capped...

AlmaLinux 10 : openssl (ALSA-2026:25237)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25237 advisory. openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-7383 openssl: OpenSSL: Denial of Service due to...

PT-2026-48682

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.135.Final Netty versions prior to 4.2.15.Final Description The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

ROS-20260611-73-0034

The vulnerability of the ecamchannelwrite function in the FreeRDP remote desktop protocol is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

ROS-20260611-73-0035

The vulnerabilities of the sdlPointerNew and sdlPointerFree functions in the FreeRDP remote desktop protocol are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a malicious actor to cause service failure...

ROS-20260611-73-0033

The vulnerability of the ecamchannelwrite function in the FreeRDP remote desktop protocol is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

ROS-20260611-73-0032

The vulnerability in freerdp3 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7922-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7922-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

FreeBSD : FreeBSD -- Arm CPU errata may bypass page table permission changes (438b0278-6474-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 438b0278-6474-11f1-958d-bc241121aa0a advisory. Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If o...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-8412-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8412-1 advisory. Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly...

RHEL 9 : skopeo (RHSA-2026:25250)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25250 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...

ROS-20260611-73-0011

The vulnerability of the cleardecompressresidualdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSL (a57fe2c1-6476-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a57fe2c1-6476-11f1-958d-bc241121aa0a advisory. Multiple issues have been reported as part of this advisory with different issues affecting...

PT-2026-48772

Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

ROS-20260611-73-0038

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0039

The vulnerability of the Linux operating system’s network protocol implementation is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...

ROS-20260611-73-0029

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0026

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2026-42326

A flaw was found in ImageMagick, a software used for editing and manipulating digital images. A local attacker could exploit this vulnerability by providing a malicious input file. When ImageMagick attempts to write an IPTC output file, this malicious input could cause the software to read beyond...