PUB-A-486024286

In lwisiobufferwrite of lwisiobuffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

WezTerm MCP Server: Operating System Command Injection Vulnerability

WezTerm MCP Server is a terminal control and interaction tool developed by Kentaro Hiraishi. Version 0.1.0 of WezTerm MCP Server contains a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations in the switchpane/writetospecificpane...

PT-2026-45257

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

Debian dla-4610 : git-lfs - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4610 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/...

PUB-A-494629585

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45256

In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786...

PUB-A-449726527

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45444

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

Poppler input validation vulnerability

Poppler is an open-source PDF rendering library developed by Poppler. Poppler has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the tilingPatternFill function within the Splash backend. As a result of this overflow, insufficient heap memo...

PUB-A-481652507

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10201

Assimp up to 6.0.4 contains a vulnerability in FBXExporter::WriteObjects (FBXExporter.cpp) within the UV Channel Handler. A manipulation can trigger a divide-by-zero error when processing FBX data, requiring local access to exploit. Public disclosure of the exploit is noted, and applying a patch ...

[SECURITY] [DLA 4610-1] git-lfs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura May 31, 2026 https://wiki.debian.org/LTS -...

Exploit for Write-what-where Condition in Linux Linux_Kernel

CVE-2...

CVE-2026-10114

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handlescpinfo in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been...

CVE-2026-10114

Open5GS up to 2.7.7 is affected by an out-of-bounds write in handle_scp_info (lib/sbi/nnrf-handler.c) within the Shared NF-profile Parser. The issue can be triggered remotely and is linked to a publicly disclosed exploit. Remediation guidance in the sources is to deploy an official patch; no addi...

Exploit for OS Command Injection in Thecodingmachine Gotenberg

POCCVE-2026-42589 Local reproduction lab and nuclei template...

SUSE CVE-2026-9906

Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-9930

Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-9973

Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-9974

Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...