UBUNTU-CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

PT-2026-37090

Name of the Vulnerable Software and Affected Versions OpenStack Horizon versions 25.6 through 25.7.2 Description A flaw exists in the login view where a post-login redirect URL is written to the server-side session storage before a user is authenticated. This allows unauthenticated requests to...

Adobe After Effects has a binary vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A binary vulnerability exists in Adobe After Effects 25.6 and earlier...

Adobe After Effects suffers from an out-of-bounds read vulnerability (CNVD-2026-12689)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects 25.6 and...

Adobe After Effects has a Memory Free After Use Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects 25.6 and earlier versions suffer from a Memory Free Aft...

CVE-2026-21350

After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CVE-2026-21350

After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CVE-2026-21320

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21329 After Effects | Use After Free (CWE-416)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21330

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

CVE-2026-21330 After Effects | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

CVE-2026-21351

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-7381

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-7373

Name of the Vulnerable Software and Affected Versions After Effects versions 25.6 and earlier Description The software is susceptible to an Integer Overflow or Wraparound issue that may lead to arbitrary code execution with the privileges of the current user. Successful exploitation requires a us...

GeoTools 输入验证错误漏洞

GeoTools is an open source Java library. Provides tools for geospatial data. GeoTools suffers from an input validation error vulnerability that stems from the GeoTools library having a number of data sources that can perform JNDI lookups, which are used to perform class deserialization and lead t...