PT-2026-46903

All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip when extracting a ZIP archive containing two entries with the same path - the first being a symlink to an arbitrary target and the second being a regular file - the file content is writte...

PT-2026-47083

Summary An authenticated user with base-create permission can attach a SQLite source pointing at an arbitrary file on the NocoDB host, including NocoDB's own internal databases. Details The SQLite client and the base/integration create services accepted a caller-supplied filename and passed it to...

UBUNTU-CVE-2026-50262

GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write...

PT-2026-47059

We just found and disclosed CVE-2026-10753 in Google's Site Kit, the official Google plugin running on 5M+ WordPress sites. Our team caught a broken access control flaw that slipped past everyone else. One REST API write endpoint checked for view level access when it should have required admin...

UBUNTU-CVE-2026-50264

DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write...

7-Zip >= 9.11 < 26.01 UDF OOB Read (GHSL-2026-115_GHSL-2026-122)

The version of 7-Zip installed on the remote Windows host is = 9.11 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's UDF field handling, which can lead to a crash when processing a crafted UDF image. CVE-2026-48102 - A path...

PT-2026-47044

Name of the Vulnerable Software and Affected Versions Altium Enterprise Server affected versions not specified Description Two path traversal issues in the Network Installation Service NIS allow an unauthenticated network attacker to read package archive files and write arbitrary files to any...

Linux Distros Unpatched Vulnerability : CVE-2026-11173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code...

CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

CVE-2026-11173

CVE-2026-11173 describes an out-of-bounds write in V8 affecting Google Chrome builds prior to 149.0.7827.53. The issue allows a remote attacker who has compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Affected component: V8 in Chrome; vulnerabil...

CVE-2026-11173

Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11173

Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

CVE-2026-11079

CVE-2026-11079 concerns Google Chrome’s Codecs. The issue is caused by insufficient validation of untrusted input in codecs, enabling a remote attacker to trigger an out-of-bounds memory write via a crafted video file. Affected product: Google Chrome (before 149.0.7827.53). The impact, as describ...

CVE-2026-11043

Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11037

Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-11037

Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-11037

CVE-2026-11037 describes an out-of-bounds write in Chrome’s Codecs component, affecting Google Chrome before version 149.0.7827.53. The issue could allow a remote attacker to potentially achieve a sandbox escape via a crafted video file. Chromium/Chrome lists the vulnerability with a Chromium sec...