PT-2026-41053

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An out of bounds write in WebAudio allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. An out of bounds write occurs when a program writes...

PT-2026-41087

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An out-of-bounds write issue exists in the Fonts component, which occurs when the font rendering engine mishandles memory operations by writing data past an allocated memory buffer. Th...

PT-2026-41081

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.168 Description A heap buffer overflow in the GPU allows a remote attacker to perform an out-of-bounds memory write by using a crafted HTML page. A heap buffer overflow occurs when a progra...

PT-2026-41077

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An out-of-bounds write in the Media component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. An...

PT-2026-41088

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in the Internationalization component allows a remote attacker to perform an out-of-bounds memory write by inducing the user to visit a crafted HTML page. An...

PT-2026-41096

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in ANGLE on Windows allows a remote attacker to perform an out-of-bounds memory write by inducing the user to open a crafted HTML page. An integer overflow occurs...

PT-2026-41108

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in Skia allows a remote attacker who has compromised the renderer process to perform an out of bounds memory write via a crafted print file...

RHEL 7 : ImageMagick (RHSA-2026:17618)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17618 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixes:...

RHEL 9 : libpng (RHSA-2026:17603)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17603 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...

Linux Distros Unpatched Vulnerability : CVE-2026-8053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memor...

Linux Distros Unpatched Vulnerability : CVE-2026-8558

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...

RHEL 9 : libpng (RHSA-2026:17524)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17524 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...

Linux Distros Unpatched Vulnerability : CVE-2026-8579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process t...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021410 advisory. GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-021393)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021393 advisory. GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021388)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021388 advisory. GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Linux Distros Unpatched Vulnerability : CVE-2026-8052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad's exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink...

Linux Distros Unpatched Vulnerability : CVE-2026-6959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symli...

EUVD-2026-30143

An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege...

CVE-2026-44221

ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...