PT-2026-46629

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Isolated Web Apps allows a remote attacker to execute arbitrary code inside a sandbox by using a malicious file. Recommendations Update to version...

PT-2026-45783

Name of the Vulnerable Software and Affected Versions OpenMed versions prior to 1.5.2 Description Remote code execution is possible in the PII privacy-filter model loading path. The privacy-filter dispatcher uses broad substring matching on the user-supplied model name parameter, which allows a...

CVE-2026-30650

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device...

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

PT-2026-45770

Name of the Vulnerable Software and Affected Versions VIVOTEK INC FD8136-VVTK-0300a affected versions not specified Description A buffer overflow allows a remote attacker to execute arbitrary code via the 'set getparam.cgi' component. A buffer overflow occurs when a program writes more data to a...

Ubuntu 25.10 / 26.04 LTS : LibreOffice vulnerability (USN-8352-1)

The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8352-1 advisory. Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use thi...

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 RCE (7274733)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7274733 advisory. - IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

SUSE SLES15 Security Update : samba (SUSE-SU-2026:2108-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2108-1 advisory. This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. -...

PT-2026-46833

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in PDFium allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted PDF file. Use after free is a memory corruption flaw th...

CVE-2026-30649

CVE-2026-30649 reports a Buffer Overflow in VIVOTEK INC FD8136-VVTK-0300a, exploitable remotely via the set_getparam.cgi component. This vulnerability could allow an attacker to execute arbitrary code on affected devices. The CVE records list the vulnerable product (FD8136-VVTK-0300a) and the aff...

PT-2026-46443

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in ANGLE Almost Native Graphics Layer Engine allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page...

PT-2026-46494

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in DevTools allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Recommendations Update to version 149.0.7827....

PT-2026-46507

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code through malicious network traffic. Use after free occurs when an application continues to use a...

PT-2026-46411

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Network component allows a remote attacker to execute arbitrary code when a user opens a specially crafted HTML page. Use after free is a memory corruption...

PT-2026-46511

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebXR, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46477

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory...

Linux Distros Unpatched Vulnerability : CVE-2026-42588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ...

Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: group policy certificate enrollment uses without...

PT-2026-45857

Name of the Vulnerable Software and Affected Versions BrowserStack Runner versions prior to 0.9.6 Description An issue in the / log HTTP handler allows unauthenticated network-adjacent attackers to execute arbitrary code on the host system. The handler processes JSON request bodies by passing...

PT-2026-46587

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Blink allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs...