EUVD-2026-36662

Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...

GHSA-8VFJ-Q2CP-5M5J ImageMagick has a heap buffer overflow read in magnify operation via unrecognized magnify:method value

An unrecognized magnify:method will result in an out of bounds read in the magnify operation. ==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000b30 READ of size 4 at 0x61a000000b30 thread T0...