RHEL 10 : thunderbird (RHSA-2026:24719)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24719 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox E...

PT-2026-48259

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions prior to 26.001.21652 Description An out-of-bounds read issue exists where the software reads data outside the intended buffer in memory. This can lead to the disclosure of sensitive memory information. Exploitation...

PT-2026-48257

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the annotation component, which occurs when a program continues to use a pointer after it has been freed, potentially leading to the...

PT-2026-47758

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the tun xdp one function returns -EINVAL for frames shorter than ETH HLEN without freeing the page allocated by vhost net build xdp. Because...

ROS-20260609-73-0009

The vulnerability of the ngxhttpsslmodule module in NGINX Plus and NGINX Open Source web servers is related to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and accessibility of protected information...

EulerOS 2.0 SP11 : mesa (EulerOS-SA-2026-2217)

According to the versions of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an...

EulerOS 2.0 SP11 : mesa (EulerOS-SA-2026-2254)

According to the versions of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an...

APSB26-62 : Security update available for Adobe Dreamweaver

Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution, memory exposure, and arbitrary file system read...

ASP non-Coherent Memory Access

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54509| Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD Secure...

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

FreeBSD -- Arm CPU errata may bypass page table permission changes

Problem Description: Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If one CPU stores to a virtual address while another CPU invalidates the translation for that address, the second CPU's TLBI+DSB may complete before the first CPU's store has be...

CVE-2026-36821

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents

External memory has become a core component of modern web agents, enabling long-horizon reasoning through the retrieval of past experiences. However, this paradigm introduces a critical vulnerability: malicious content injected into memory can be persistently recalled and repeatedly influence age...

PT-2026-47783

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE SIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGE SIZE. The core issue is that rxe set page is call...

ROS-20260609-73-0038

The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different fr...

UBUNTU-CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

PT-2026-47781

A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the create masked entry string function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged...

PT-2026-48256

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description An out-of-bounds read issue exists where the software reads data outside the intended boundary of a buffer, which can lead to the disclosure of sensitive memory. An attacker...

PT-2026-48244

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...