vulnerabilities handled in Adobe Illustrator

Adobe has identified several vulnerabilities in Adobe Illustrator versions 29.8.6, 30.3, and earlier. These vulnerabilities lie in the way Adobe Illustrator processes specially crafted files. There are issues with out-of-bounds write operations, NULL pointer dereferences, out-of-bounds reads, and...

CLSA-2026-1778604245 samba: Fix of CVE-2022-32742

CVE-2022-32742: fix server memory information leak via SMB1; insufficient range-check on SMB1 write request length allowed server memory contents to leak into the written file or printer instead of client-supplied bytes...

Exploit for Out-of-bounds Write in Google Chrome

Vuln...

CVE-2026-21018

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2026-21018

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2026-21018

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2026-8053

An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping within the time-series...

SUSE CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

EUVD-2026-29887

The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions...

ExploitBench: A Capability Ladder Benchmark for LLM Cybersecurity Agents

Exploitation is not a binary event. It is a ladder of acquiring progressive capabilities, from executing a single buggy line of code to taking full control of the target. However, existing LLM security benchmarks treat a crash as exploitation success. That single binary outcome collapses the hard...

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which allows any editor to delete any snapshot, even without read/write privileges...

PT-2026-40691

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mmc core where the host-claimed bit shares a word with retune flags. This configuration leads to Read-Modify-Write RMW side effects in asynchronous contexts...

PT-2026-40693

In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix set access flags no-op check for SMMU/ATS faults contpte ptep set access flags compared the gathered ptep get value against the requested entry to detect no-ops. ptep get ORs AF/dirty from all sub-PTEs in the...

AlmaLinux 10 : libpng (ALSA-2026:14790)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:14790 advisory. libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-33636 Tenable has extracted the...

PT-2026-40726

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.0 Description The endpoint "/api/tag/getTag" is registered using only the model.CheckAuth middleware, missing the model.CheckAdminRole and model.CheckReadonly checks. This allows any authenticated user, including...

PT-2026-40791

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An Editor can overwrite a dashboard they do not own to acquire admin privileges for that specific dashboard. This privilege escalation requires the user to have...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper setting or clearing of CR8 write interception when AVIC is activated. This vulnerability...

CVE-2026-8053 FlatBSON Duplicate Field Index Drift

An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping within the time-series...

CVE-2026-8053 FlatBSON Duplicate Field Index Drift

An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping within the time-series...

FlatBSON Duplicate Field Index Drift

An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping within the time-series...