AMD Graphics Vulnerabilities – May 2026

CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2024-36323| Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine VM or a process to perform unauthorized access to the register space of the JPEG...

PT-2026-40168

Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-40542

Name of the Vulnerable Software and Affected Versions esm.sh versions 137 and earlier Description The legacy router retrieves a response from legacyServer, parses the request path, and writes data to storage using the buildStorage.Put function. Because the router concatenates path components...

Fortinet Fortigate Out-of-bounds access in CAPWAP daemon (FG-IR-26-123)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-123 advisory. - An Out-Of-Bounds Write vulnerability CWE-787 in FortiOS capwap daemon may allow an attacker controlling an authenticated...

Adobe Premiere Pro < 25.6.5 / 26.0.0 < 26.2.0 Multiple Arbitrary code execution (APSB26-46) (macOS)

The version of Adobe Premiere Pro installed on the remote macOS host is prior to 25.6.5, 26.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-46 advisory. - Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that...

Adobe Media Encoder < 25.6.5 / 26.0.0 < 26.2.0 Multiple Arbitrary code execution (APSB26-47) (macOS)

The version of Adobe Media Encoder installed on the remote macOS host is prior to 25.6.5, 26.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-47 advisory. - Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound...

PT-2026-40132

Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio/.NET versions prior to 10.0.8 Description A tampering issue occurs when .NET Core improperly handles specially crafted files. An attacker can exploit this by sending a specially crafted file to a vulnerable system,...

CVE-2026-43912 Vaultwarden: Cross-Org Group Binding Enables Unauthorized Read And Write Access Into Another Organization

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groupsusers.usersorganizationsuuid entry belongs to the same organization as groups.groupsuuid, or a collectionsgroups.collectionsuuid entry belongs to the same organization as...

CVE-2026-43912

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groupsusers.usersorganizationsuuid entry belongs to the same organization as groups.groupsuuid, or a collectionsgroups.collectionsuuid entry belongs to the same organization as...

EUVD-2026-29340

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groupsusers.usersorganizationsuuid entry belongs to the same organization as groups.groupsuuid, or a collectionsgroups.collectionsuuid entry belongs to the same organization as...

CVE-2026-43912

Vaultwarden (Rust) is affected prior to version 1.35.5 by a cross-organization group binding flaw. The vulnerability arises because groups_users.users_organizations_uuid and collections_groups.collections_uuid can be linked to mismatched organizations, and multiple organization group-management e...

CVE-2026-43901

Wireshark MCP (v1.1.5 and earlier) is affected by CVE-2026-43901: the wireshark_export_objects MCP tool accepts an attacker-controlled dest_dir and passes it to tshark --export-objects with no mandatory path restriction. The internal sandbox (_allowed_dirs) is None by default and only activated w...

CVE-2026-43901 Wireshark MCP: Arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured

Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wiresharkexportobjects MCP tool that accepts an attacker-controlled destdir parameter and passes it to tshark's...

CVE-2026-43901 Wireshark MCP: Arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured

Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wiresharkexportobjects MCP tool that accepts an attacker-controlled destdir parameter and passes it to tshark's...

EUVD-2026-29307

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local network may be abl...

EUVD-2026-29302

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination...

EUVD-2026-29273

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected...

EUVD-2026-29245

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination or write kernel memory...

EUVD-2026-29215

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to execute arbitrary code with kernel privileges...

CVE-2026-42046

libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write heap overflow by supplying a crafted file in the "caca" format. Depending on the build...