Lucene search
K

78 matches found

OSV
OSV
added yesterday5 views

ROOT-OS-UBUNTU-2404-CVE-2026-52934 CVE-2026-52934 in rootio-linux - Patched by Root

Root has patched CVE-2026-52934 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

8.8CVSS5.8AI score0.00247EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-25782

Gitea versions before 1.25.5 look up tracked-time entries by time ID without scoping the lookup to the issue in the request URL, allowing deletion attempts to target entries from another issue...

5.9AI score0.00159EPSS
Exploits0References5
CVE
CVE
added 3 days ago7 views

CVE-2026-25782

Gitea before 1.25.5 is affected: tracked-time entries are looked up by time ID without confirming the associated issue in the request URL, enabling deletion attempts to affect entries from a different issue. Root cause is improper scoping of the lookup. Impact is potential cross-item deletion of ...

5.9AI score0.00159EPSS
Exploits0References4
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-41615

Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries...

6AI score0.00159EPSS
Exploits0References4
CVE
CVE
added 3 days ago7 views

CVE-2026-20909

The CVE-2026-20909 affects Gitea prior to version 1.25.5, where there are insufficient permission checks when listing tracked time entries. This could allow unauthorized access to time-tracking data via the tracked-time list endpoint due to inadequate authorization enforcement in affected builds....

6AI score0.00159EPSS
Exploits0References4
EUVD
EUVD
added last week6 views

EUVD-2026-40153

A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...

5CVSS5.3AI score0.00199EPSS
Exploits0References8
Cvelist
Cvelist
added last week37 views

CVE-2026-13591 DeepMyst Mysti Contact Tracking ChannelBridge.ts _isTrackedConversation improper authorization

A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...

5CVSS0.00199EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/22 7:32 p.m.7 views

CVE-2026-8358

A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...

6.9CVSS6.1AI score0.00171EPSS
Exploits0References4
NVD
NVD
added 2026/06/15 6:16 p.m.9 views

CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 4:24 p.m.6 views

CVE-2026-8358 Heap buffer overflow in spreadsheet tracked-changes import

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS5.6AI score0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 4:24 p.m.6 views

EUVD-2026-36740

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS5.6AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 4:24 p.m.34 views

CVE-2026-8358 Heap buffer overflow in spreadsheet tracked-changes import

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS0.00171EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 4:24 p.m.37 views

CVE-2026-8358

CVE-2026-8358 affects LibreOffice Calc during import of tracked changes. A heap buffer overflow occurs when a document reuses the same change identifier for two different kinds of changes; the importer may treat one change object as a larger type and write past the end of its allocation. The vuln...

6.9CVSS5.6AI score0.00171EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/15 4:24 p.m.6 views

CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS5.5AI score0.00171EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.8 views

PT-2026-49268

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS5.6AI score0.00171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for tw...

6.9CVSS6.1AI score0.00171EPSS
Exploits0References4
OSV
OSV
added 2026/06/01 8:16 a.m.7 views

UBUNTU-CVE-2026-10230

A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::readanimations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally...

5.3CVSS5.8AI score0.00127EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 5:46 a.m.12 views

Malicious code in react-tracked-tony (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeb24dfdd4a970dc44c017056c2a39bed6aa5973a7ec7e94b20c70d90114726c react-tracked-tony impersonates the popular react-tracked package: package.json sets name: react-tracked-tony, author: Daishi Kato, and homepage:...

5.9AI score
Exploits0References2
Circl
Circl
added 2026/04/02 10:13 a.m.4 views

CVE-2026-29134

creationtimestamp| type| source ---|---|--- 2026-04-02 10:13:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miixupggzk2i 2026-04-16 21:19:51+00:00| seen| Telegram/3Rneua8sJN4acwbkH9WJwYA0S4fbpKs2cDcX7PKNKVaNXM...

7.5CVSS4.8AI score0.00225EPSS
Exploits0References1
Fedora
Fedora
added 2026/03/27 1:18 a.m.6 views

[SECURITY] Fedora 43 Update: libopenmpt-0.8.6-1.fc43

libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

5.9AI score
Exploits0
Rows per page
Query Builder