EUVD-2026-22113

ImageMagick has a heap buffer overflow WRITE in the YAML and JSON encoders...

EUVD-2026-22434

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...

EUVD-2026-22311

The Python remote debugging feature could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via the remote debugging feature. This vulnerability requires persistently and repeatedly connecting to the process to be...

EUVD-2026-22443

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27291

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27258 DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...

CVE-2026-27258 DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...

CVE-2026-27291

CVE-2026-27291 affects Adobe InDesign Desktop. Affected versions: 20.5.2, 21.2 and earlier. The issue is an out-of-bounds write (CWE-787) that could permit arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim opening a malici...

CVE-2026-27291 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

CVE-2025-61624

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...

CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

UBUNTU-CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

CVE-2025-61624

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...

CVE-2025-61624

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...

CVE-2026-5713

The CVE-2026-5713 entry covers a vulnerability in Python related to the profiling.sampling module (Python 3.15+) and asyncio introspection capabilities (3.14+). The issue enables out-of-bounds read/write in a privileged process when that process is connected to a malicious or infected Python proc...

AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability

The vulnerability assigned to this CVE could lead to corruption of guest encrypted memory. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide...

JLSEC-2026-99

Deno =1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory...

JLSEC-2026-111 Deno's --deny-write check does not prevent permission bypass

Summary Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change to change the access atime and modification mtime times on the file stream resource even when the file is opened with read only permission...

JLSEC-2026-107 Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag

The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access equivalent to --allow-env, and writing /proc/self/mem may provide access equivalent t...