233636 matches found
CVE-2026-6891
CVE-2026-6891 affects My Image Garden for macOS (version 3.6.8 or earlier). The installer improperly handles symbolic links, enabling a local user with login privileges to exploit a specially crafted symbolic link during installation to modify permissions on files they normally wouldn’t be author...
CVE-2026-9963
Uninitialized Use in iOS Google Chrome (on iOS) prior to version 148.0.7778.216 allows a remote attacker to trigger arbitrary code execution inside the Chrome sandbox via a crafted HTML page after convincing a user to perform specific UI gestures. Affected product: Google Chrome on iOS; root caus...
CVE-2026-9955
Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-45343
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains a stored cross-site scripting vulnerability that allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This affects instances configured with SSO/OAuth...
CVE-2026-46108
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI System Interface SI driver. This vulnerability occurs when the driver fails to return to a normal operational state after a message allocation failure. This improper state handling can lead to the driver not...
CVE-2026-46124
A flaw was found in the Linux kernel's isofs filesystem. An authenticated NFS Network File System peer can exploit this vulnerability by providing a specially crafted file handle. This allows the server to read arbitrary in-range blocks on the backing device, leading to information disclosure whe...
CVE-2026-46128
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI subsystem. This vulnerability occurs when the kernel processes event message buffer responses from Baseboard Management Controllers BMCs. Some BMCs may return an empty message instead of an expected error, which...
CVE-2026-46142
A flaw was found in the Linux kernel's libwx network driver. When a Virtual Function VF is initialized, it attempts to read a Physical Function PF restricted register, WXCFGPORTST. This illegal register access can lead to a system hang, resulting in a Denial of Service DoS...
CVE-2026-46164
A flaw was found in the Linux kernel's btrfs filesystem. This vulnerability, a double free, occurs in the createspaceinfosubgroup function's error handling path. When kobjectinitandadd fails, a memory region can be freed twice. This can lead to memory corruption, potentially resulting in a denial...
CVE-2026-46177
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI driver. This vulnerability allows a malfunctioning Baseboard Management Controller BMC to cause the IPMI driver to continuously fetch events and messages, or become stuck if the attention bit remains active. Thi...
CVE-2026-46175
A flaw was found in the Linux kernel's f2fs filesystem. During Foreground Garbage Collection FGGC of node blocks, the system fails to properly clear internal metadata marks. This can lead to filesystem inconsistencies, where the fsck utility may misinterpret the state of migrated data. A local us...
CVE-2026-46196
A flaw was found in the Linux kernel. When a tracepoint a mechanism for dynamic instrumentation is registered, a failure during the probe installation process can lead to the registration's side effects persisting without a corresponding probe. This can cause a Denial of Service DoS by leaving...
CVE-2026-46204
A flaw was found in the Linux kernel's AMD GPU Graphics Processing Unit driver, specifically within the drm/amdgpu/vcn4 component. This vulnerability allows for an out-of-bounds read when processing an Instruction Buffer IB. An attacker could potentially exploit this to read sensitive information...
CVE-2026-46208
A flaw was found in the Linux kernel's batman-adv module. When a mesh interface is removed, the batadvmeshfree function does not properly stop tpmeter sessions. This oversight allows active tpmeter sender threads or late incoming packets to continue processing against a mesh instance that is in t...
CVE-2026-46210
A flaw was found in the Linux kernel's iris media driver. A race condition can occur when the driver attempts to free a resource while it is still being accessed by another part of the system. This leads to a use-after-free vulnerability, where a program tries to use memory that has already been...
CVE-2026-46217
A flaw was found in the Linux kernel, specifically within the AMD GPU Graphics Processing Unit driver component drm/amdgpu/vcn4. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denia...
CVE-2026-46221
A flaw was found in the Linux kernel's EDAC/versalnet component. A memory leak occurs because the device name, allocated during initialization, is not properly freed. Over time, this unreleased memory could lead to resource exhaustion, potentially impacting system stability and availability...
CVE-2026-46241
A flaw was found in the Linux kernel's spi: mpc52xx component. This use-after-free vulnerability occurs when the controller registration fails. An attacker could potentially exploit this flaw to cause a system crash or lead to a resource leak, impacting system stability and availability...
CVE-2026-46240
A flaw was found in the Linux kernel, specifically within the media: iris driver. This vulnerability, a use-after-free, occurs when a buffer is prematurely freed by sessionreleasebuf while irisreleaseinternalbuffers continues to access it. This improper handling of memory can lead to system...
Security Bulletin: Vulnerabilities in libxml2 (CVE-2026-0989, CVE-2026-0990, CVE-2026-0992) affect AIX
Summary Vulnerabilities in libxml2 could cause a denial of service CVE-2026-0989, CVE-2026-0990, CVE-2026-0992. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2026-6732 DESCRIPTION: A flaw was found in libxml2. This vulnerability occurs when the library...