EUVD-2026-10784

DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-10755

PX4 Autopilot versions 1.12.x through 1.15.x contain a protection mechanism failure in the "Re-arm Grace Period" logic. The system incorrectly applies the in-air emergency re-arm logic to ground scenarios. If a pilot switches to Manual mode and re-arms within 5 seconds default configuration of an...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the SFW decoder, on 32-bit systems. An attacker can cause a crash by processing extremely large images. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit ...

Out-of-bounds Read

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVE-2026-30972

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior o 9.5.2-alpha.10 and 8.6.23, Parse Server's rate limiting middleware is applied at the Express middleware layer, but the batch request endpoint /batch processes sub-requests internally by...

CVE-2026-30954 LinkAce has a Cross-User Tag/List Attachment IDOR in processTaxonomy()

LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...

CVE-2026-27280

DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27216

Substance3D Painter prior to 11.1.3 is affected by an out-of-bounds read vulnerability (CVE-2026-27216) that can lead to memory exposure. The issue affects Painter 11.1.2 and earlier and requires user interaction: a victim must open a malicious file to exploit it. Multiple connected sources (Red ...

EUVD-2026-10509

Buffer Overflow vulnerability in Uderzo Software SpaceSniffer v.2.0.5.18 allows a remote attacker to execute arbitrary code via a crafted .sns snapshot file...

CVE-2026-27281 DNG SDK | Integer Overflow or Wraparound (CWE-190)

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

CVE-2026-27280 DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-25572

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

CVE-2026-25569

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. An out-of-bounds write vulnerability exists in SICAM SIAPP SDK. This could allow an attacker to write data beyond the intended buffer, potentially leading to denial of service, or arbitrary code execution...

CVE-2026-31797

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CTiffImg::ReadLine when iccApplyProfiles processes a crafted TIFF image, causing memory disclosure or crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-25573

CVE-2026-25573 affects the SICAM SIAPP SDK (all versions

CVE-2026-25572

The CVE affects SICAM SIAPP SDK (all versions

CVE-2026-25571

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK client component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

CVE-2026-25570

The CVE-2026-25570 entry identifies a stack overflow in the SICAM SIAPP SDK prior to version 2.1.7 due to insufficient input value checks, allowing local code execution and denial of service. Affected: SICAM SIAPP SDK (all versions

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM SDK, Java Technology (CVE-2025-53066, CVE-2025-53057)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-53066, CVE-2025-53057 of IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow ...

Jailbreaking the F-35 Fighter Jet

Countries around the world are becoming increasingly concerned about their dependencies on the US. If you've purchase US-made F-35 fighter jets, you are dependent on the US for software maintenance. The Dutch Defense Secretary recently said that he could jailbreak the planes to accept third-party...