CVE-2026-44775 Kavita: No authentication at /api/Reader/image

Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with AllowAnonymous, allowing completely unauthenticated access to page images from any chapter in any library. While the endpoint accepts an apiKey parameter, it is never validated. Sin...

kavita 访问控制错误漏洞

Kavita is a fast and feature-rich cross-platform reading server developed by Kavita OpenSource. Versions of Kavita prior to 0.9.0 contained an access control vulnerability. This vulnerability stemmed from the ReaderController.GetImage endpoint, which allowed completely unauthenticated access,...

May "In the Trend of VM" (#27): high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader

May "In the Trend of VM" 27: high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. While the previous April edition featured only one vulnerability, this one...

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

CVE-2026-41071 libheif: Heap buffer over-read in SampleAuxInfoReader via crafted HEIF sequence file with mismatched saiz sample count

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

EUVD-2026-31501

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

PT-2026-42834

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap-buffer-overflow out-of-bounds read occurs in the SampleAuxInfoReader constructor when parsing a crafted HEIF sequence file. The issue arises because the constructor iterates over the number o...

PT-2026-42792

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...

Linux Distros Unpatched Vulnerability : CVE-2026-8706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive...

RLSA-2026:19559 Important: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in imareaderinit CVE-2026-37555 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

libsndfile security update

An update is available for libsndfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libsndfile is a C library for reading and writing files containing sampled...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

Important: Red Hat Security Advisory: libsndfile security update

An update for libsndfile is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Astra Linux - уязвимость в chromium

Before version 98.0.4758.80, using “after free” in Reader Mode in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not attempt to read beyond the “commit” boundary. When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There are mechanisms to detect and handle this issue, but t...

Astra Linux - уязвимость в grub2

A heap out-of-bounds write may occur during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. The impacts on confidentiality, integrity, and availability are considered low, as it is very complex for an attacker to control the encoding and...

SUSE CVE-2026-8706

Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...

RHEL 10 : libsndfile (RHSA-2026:19560)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19560 advisory. libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer...

Amazon Linux 2023 : ecs-init (ALAS2023-2026-1637)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1637 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...

RHEL 8 : libsndfile (RHSA-2026:19559)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19559 advisory. libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer...