PT-2026-38333

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.0.0 through 3.2.8 OpenEXR versions 3.3.0 through 3.3.10 OpenEXR versions 3.4.0 through 3.4.10 Description An integer overflow exists in the ImageChannel::resize function, which can lead to a heap out-of-bounds OOB write—a...

EUVD-2026-25612

4ga Boards is a boards system for realtime project management. Prior to 3.3.5, 4ga Boards is vulnerable to user enumeration via a timing side-channel in the login endpoint POST /api/access-tokens. When an invalid username/email is provided, the server responds immediately 17ms average. When a val...

UBUNTU-CVE-2025-69419

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

Vulnerabilities fixed in Cisco ISE and ISE-PIC

Cisco has fixed vulnerabilities in Cisco ISE and ISE-PIC. The vulnerabilities are in the way Cisco ISE and ISE-PIC process files through APIs and validate user input. Unauthenticated attackers with access to the API interface can exploit these vulnerabilities to upload and execute arbitrary files...