Linux Distros Unpatched Vulnerability : CVE-2026-11632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute...

Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft...

PT-2026-48237

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

PT-2026-48102

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

PT-2026-48038

External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...

Linux Distros Unpatched Vulnerability : CVE-2026-11650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

FreeBSD : strongSwan -- Double-free when destroying certain cloned identities that can lead to remote code execution (a207a367-6359-11f1-8c57-000af7b98cf6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a207a367-6359-11f1-8c57-000af7b98cf6 advisory. R. Elliott Childre reports: The clone method of the identificationt class doesn't correctly handle...

PT-2026-48011

Name of the Vulnerable Software and Affected Versions Active Directory Domain Services affected versions not specified Description A stack-based buffer overflow allows an authorized attacker to execute arbitrary code over a network, which can affect the system. A stack-based buffer overflow occur...

PT-2026-48121

Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...

PT-2026-48235

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within t...

Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

PT-2026-47915

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

KB5094041: Windows Server 2012 R2 Security Update (June 2026)

The remote Windows host is missing security update 5094041. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...

EulerOS 2.0 SP11 : golang (EulerOS-SA-2026-2207)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a...

Progress Software Kemp LoadMaster dolistapikeys Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the dolistapikeys method. The issue results from the lack of proper...

PT-2026-48240

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

PT-2026-47752

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions prior to 12.3.2.4854 Description A critical deserialization flaw allows an authenticated low-privilege domain user to execute arbitrary code on the Backup Server. This issue is network-reachable and requires...

PT-2026-48236

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the apiuser parameter provided to the accessv2 endpoin...