CVE-2026-48734

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

DEBIAN-CVE-2026-48734

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

CVE-2026-48734

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

CVE-2026-48734

ImageMagick CVE-2026-48734 affects the MVG decoder and causes a stack overflow due to a missing depth or visited-set check. Affected versions are prior to 6.9.13-49 and 7.1.2-24. The issue can lead to denial of service with a crafted MVG file that exploits the stack overflow. The CVSS data indica...

@ainsleydev/payload-helper (>=0.0.1 <=0.0.2), @bsct/payload (=1.0.0) +89 more potentially affected by CVE-2026-41690 via i18next-http-middleware (>=3.0.2 <=3.9.2)

i18next-http-middleware NPM version =3.0.2, =0.0.1, =1.0.1, =0.0.1, =0.0.1, =0.0.1, =8.0.0, =3.0.0, =1.0.0, =1.0.6, =1.0.0, =0.0.1, =0.0.229 and more Source cves: CVE-2026-41690 Source advisory: SNYK:JS-I18NEXTHTTPMIDDLEWARE-16415526...

CVE-2026-21292

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker attacker to inject malicious scripts into vulnerable form fields. Exploitation of...

PT-2026-24747

Cursor is a code editor built for programming with AI. Prior to 2.0 ,if a visited website contains maliciously crafted instructions, the model may attempt to follow them in order to “assist” the user. When combined with a bypass of the command whitelist mechanism, such indirect prompt injections...

What does Google know about me? (Lock and Code S06E21)

This week on the Lock and Code podcast … Google is everywhere in our lives. It's reach into our data extends just as far. After investigating how much data Facebook had collected about him in his nearly 20 years with the platform, Lock and Code host David Ruiz had similar questions about the othe...

EUVD-2010-5033

Malware in sbrugna...

EUVD-2002-2414

Malware in sbrugna...

EUVD-2010-5032

Malware in sbrugna...

EUVD-2010-5038

Malware in sbrugna...

EUVD-2016-6239

Malware in sbrugna...

EUVD-2010-2276

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-1728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Cascading Style Sheets CSS implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the a:visited button selector during height processin...

Linux Distros Unpatched Vulnerability : CVE-2017-7142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the WebKit Storage component. It allows attackers to bypass...

webkitgtk: A website may able to track visited websites in private browsing

A flaw was found in webkitgtk where a website may be able to track the websites a user visited in private browsing mode...

CVE-2010-5068

The Cascading Style Sheets CSS implementation in Opera 10.5 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264...

The vulnerability of ExpressVPN’s split-tunneling function allows a hacker to obtain confidential information about websites visited by VPN users.

The vulnerability of ExpressVPN’s split-tunneling service lies in the lack of protection for service-related data. Exploiting this vulnerability allows a malicious actor to obtain confidential information about websites visited by VPN users remotely...

webkitgtk: A website may able to track visited websites in private browsing

A flaw was found in webkitgtk where a website may be able to track the websites a user visited in private browsing mode...