CVE-2026-0983

Denial-of-service condition in M-Files Server versions before 26.5.16015.0, before 26.2 LTS, and before 25.8 LTS SR3 allows an authenticated user to cause the MFserver process to crash...

CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

PT-2026-38345

Name of the Vulnerable Software and Affected Versions LibreOffice versions 26.2 through 26.2.2 LibreOffice versions 25.8 through 25.8.6 Description An out-of-bounds write occurs when processing crafted OOXML documents that contain mismatched encryption salt parameters. An out-of-bounds write is a...

CVE-2026-6421 Mobatek MobaXterm Home Edition msimg32.dll uncontrolled search path

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

PT-2026-27525

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.7 iPadOS versions prior to 18.7.7 iOS version 26.2 iPadOS version 26.2 Description A path handling issue exists due to improved validation. This may allow a user with physical access to bypass Activation Lock. The...

CVE-2025-46297

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected files within an App Sandbox container...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 26.2 and Apple iPadOS version 26.2, which stems from a logic issue th...

CVE-2025-46281

A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox...

CVE-2025-43475

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data...

CVE-2025-46278

The CVE-2025-46278 entry affects macOS Tahoe; root cause involves improved handling of caches that could allow an app to access protected user data. The vulnerability is fixed in macOS Tahoe 26.2. Primary sources (NVD/Red Hat/CIRCL/NCSC entries) describe the issue as a cache-handling problem with...

CVE-2025-43526

This issue was addressed with improved URL validation. This issue is fixed in macOS Tahoe 26.2, Safari 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted...

CVE-2025-46283

CVE-2025-46283 describes a logic issue resolved by improved validation in macOS Tahoe 26.2. The available descriptions indicate that, prior to the fix, an app may be able to access sensitive user data. References across Red Hat, NVD, CIRCL, and Apple security content consistently link the issue t...

CVE-2025-43501

CVE-2025-43501 affects WebKitGTK/WebKitGTK4. The connected advisories document a buffer overflow in processing malicious web content that can lead to an unexpected process crash in affected GTK-based WebKit runtimes. The issue is fixed in WebKitGTK/WebKitGTK4 by version 2.50.4 (and related packag...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Appl...

PT-2025-54488

Name of the Vulnerable Software and Affected Versions Apple Safari versions 26.2 Apple tvOS versions 26.2 Apple watchOS versions 26.2 Apple visionOS versions 26.2 Apple iOS versions 26.2 Apple iPadOS versions 26.2 macOS Tahoe versions 26.2 Description A type confusion issue exists in the...

PT-2025-54487

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.2 Description A permissions issue existed where an application could potentially access protected files within an App Sandbox container. This issue was addressed with additional restrictions. Recommendations...

CVE-2022-28862

In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized and unexpected operations against the remo...

CVE-2024-53846 ssl fails to validate incorrect extened key usage

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...