CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-32707

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, tattucan contains an unbounded memcpy in its multi-frame assembly loop, allowing stack memory overwrite when crafted CAN frames are processed. In deployments where tattucan is enabled and running, a CAN-injection-capable...

UBUNTU-CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-1947

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 9.1.9 via the submitnexform function due to missing validation on a user controlled key. This makes it possible for unauthenticated...

CVE-2026-32775

A flaw was found in libexif. When decoding MakerNotes, an integer underflow can occur in the exifmnotedatagetvalue function if a zero size is passed. This can lead to a buffer overwrite, potentially allowing an attacker to achieve arbitrary code execution, disclose sensitive information, or cause...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the exifmnotedatagetvalue function when a size of 0 is passed as an argument during decoding MakerNotes. An attacker can cause the in-buffer to be overwritten and potentially execute arbitrary cod...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-32775

CVE-2026-32775 affects libexif up to 0.6.25, in the MakerNotes decoding path. The flaw occurs in the function exif_mnote_data_get_value when a 0-sized input is passed, causing an integer underflow that overwrites the provided buffer. The CVSS 3.1 vector assigns a base score of 7.4 (HIGH) with LOC...

Exploit for Path Traversal in Apple Safari

CVE-2026-20660 PoC Bundle This folder packages a standalone p...

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege...

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege...

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege...

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege. Affected product: Smart Switch (pre-3.7.69.15). Impact: potential unauthorized file overwrite; confidentiality unchanged, integrity/availability considerat...

PT-2026-25609

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege...

PX4-Autopilot 安全漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from tattucan’s use of unbounded memory copying during its multi-frame assembly cycle, which could lead to stack...

SAMSUNG Smart Switch 安全漏洞

Samsung Smart Switch is a data migration tool developed by South Korea’s Samsung Corporation. Versions of Samsung Smart Switch prior to 3.7.69.15 contained a security vulnerability caused by a path traversal issue, which could allow adjacent attackers to overwrite any file with Smart Switch...

Libexif 数字错误漏洞

Libexif is a function library written in C language by the Libexif organization. This product is primarily used for reading and writing EXIF meta-data from graphic files. Versions of libexif prior to 0.6.25 contained a numerical error vulnerability. This vulnerability stemmed from a flaw in...