EUVD-2026-29746

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-29745

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-29754

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the exec2 process. An attacker can access or modify arbitrary files on the client host by exploiting symbolic link handling. Remediation Upgrade github.com/hashicorp/nomad-driver-exec2/pkg/util to version 0.1.2 or...

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization in the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization via the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...

CVE-2025-65086

An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...

CVE-2026-44260 efw4.X: readonly Flag Not Enforced Server-Side

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

CVE-2026-44260

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

EUVD-2026-29845

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

CVE-2026-44260

The CVE concerns efw4.X (Enterprise Framework for Web). Before 4.08.010, the readonly flag on the efw:elFinder JSP tag is meant to prevent modifications, but server-side checks are missing: even when protected=true and the client sends readonly=true, there is no event handler enforcing the readon...

CVE-2026-44260 efw4.X: readonly Flag Not Enforced Server-Side

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

CVE-2026-45225 Heym < 0.0.21 Path Traversal File Upload via upload_file()

Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...

CVE-2026-45225

CVE-2026-45225 affects Heym before 0.0.21. A path traversal flaw in the file upload endpoint (upload_file()) allows authenticated users to write attacker-controlled files to arbitrary locations by using traversal sequences in the filename. The vulnerability stems from an unvalidated filename para...

CVE-2025-65086 Out-of-bounds write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share

An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...

CVE-2025-65086

An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...

CVE-2025-65086 Out-of-bounds write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share

An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...

CVE-2026-43666

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local network may be abl...

CVE-2026-28972

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected...

CVE-2026-28819

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to execute arbitrary code with kernel privileges...