
60332 matches found

RedhatCVE
added 2026/04/02 6:12 a.m. | views: 1

CVE-2026-5318

A flaw was found in LibRaw. A remote attacker could exploit this vulnerability by manipulating the 'bits' argument within the 'HuffTable::initval' function of the JPEG DHT Parser component. This manipulation leads to an out-of-bounds write, which can result in a Denial of Service (DoS) condition,...

CVSS 6.5 | AI score 5.5 | EPSS 0.00629
Exploits: 1 | References: 11
RedhatCVE
added 2026/04/02 6:12 a.m. | views: 1

CVE-2026-34544

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker or local user could exploit this vulnerability by providing a specially crafted B44 or B44A EXR file. This crafted file can cause an out-of-bounds write during file decoding, which may lead to...

CVSS 8.4 | AI score 6.5 | EPSS 0.00244
Exploits: 1 | References: 6
RedhatCVE
added 2026/04/02 6:2 a.m. | views: 3

CVE-2026-5317

A flaw was found in Nothings stb, a library used for processing audio. A remote attacker can exploit a vulnerability involving an out-of-bounds write within the start_decoder function. This issue could allow an attacker to cause the application to crash, disclose sensitive information, or corrupt...

CVSS 7.5 | AI score 6.6 | EPSS 0.00425
Exploits: 1 | References: 7
Snyk
added 2026/04/02 4:24 a.m. | views: 2

Out-of-bounds Write

Overview: Affected versions of this package are vulnerable to Out-of-bounds Write in the initval function of the JPEG DHT Parser component when processing the bits argument. An attacker can cause a denial of service by supplying a specially crafted JPEG file that triggers an out-of-bounds write...

CVSS 6.5 | AI score 5.9 | EPSS 0.00629
Exploits: 1 | References: 2
NVD
added 2026/04/02 3:16 a.m. | views: 1

CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3 | EPSS 0.00629
Exploits: 1 | References: 9
OSV
added 2026/04/02 3:16 a.m. | views: 0

DEBIAN-CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 4.3 | AI score 5 | EPSS 0.00629
Exploits: 1 | References: 1
UbuntuCve
added 2026/04/02 3:16 a.m. | views: 2

CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3 | AI score 5.5 | EPSS 0.00629
Exploits: 1 | References: 9
CVE
added 2026/04/02 1:45 a.m. | views: 16

CVE-2026-5318

LibRaw is affected up to 0.22.0. The vulnerability resides in HuffTable::initval (src/decompressors/losslessjpeg.cpp) where manipulation of bits[] can trigger an out-of-bounds write. An attacker could potentially exploit this remotely, and a public exploit has been made available. The fix is the ...

CVSS 5.3 | AI score 5.5 | EPSS 0.00629
Exploits: 1 | References: 9 | Affected Software: 1
Cvelist
added 2026/04/02 1:45 a.m. | views: 37

CVE-2026-5318 LibRaw JPEG DHT losslessjpeg.cpp initval out-of-bounds write

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3 | EPSS 0.00629
Exploits: 1 | References: 9
Debian CVE
added 2026/04/02 1:45 a.m. | views: 3

CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3 | AI score 5 | EPSS 0.00629
Exploits: 1
Vulnrichment
added 2026/04/02 12:45 a.m. | views: 1

CVE-2026-5317 Nothings stb stb_vorbis.c start_decoder out-of-bounds write

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

CVSS 7.5 | AI score 6.2 | EPSS 0.00425
Exploits: 1 | References: 4
Snyk
added 2026/04/02 12:45 a.m. | views: 2

Out-of-bounds Write

Overview: Affected versions of this package are vulnerable to Out-of-bounds Write via the startdecoder function. An attacker can cause application crashes, disclose sensitive information, or corrupt data by supplying specially crafted audio files to applications utilizing the affected library...

CVSS 8.8 | AI score 6.6 | EPSS 0.00425
Exploits: 1 | References: 2
EUVD
added 2026/04/02 12:31 a.m. | views: 4

EUVD-2026-18098

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVSS 8.4 | AI score 6.7 | EPSS 0.00209
Exploits: 0 | References: 3
Positive Technologies
added 2026/04/02 12:0 a.m. | views: 3

PT-2026-29874

Fireshare facilitates self-hosted media and link sharing. Prior to version 1.5.3, the fix for CVE-2026-33645 was applied to the authenticated /api/uploadChunked endpoint but was not applied to the unauthenticated /api/uploadChunked/public endpoint in the same file app/server/fireshare/api.py. An...

CVSS 9.1 | AI score 5.9 | EPSS 0.00621
Exploits: 1 | References: 8
Positive Technologies
added 2026/04/02 12:0 a.m. | views: 7

PT-2026-29710

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

CVSS 7.2 | AI score 6 | EPSS 0.005
Exploits: 0 | References: 3
Positive Technologies
added 2026/04/02 12:0 a.m. | views: 4

PT-2026-29881

Name of the Vulnerable Software and Affected Versions: Group-Office versions prior to 6.8.156, 25.0.90, and 26.0.12. Description: Group-Office, an enterprise customer relationship management and groupware tool, is affected by an insecure deserialization issue in the AbstractSettingsCollection model...

CVSS 9.9 | AI score 6 | EPSS 0.01026
Exploits: 0 | References: 10
Positive Technologies
added 2026/04/02 12:0 a.m. | views: 6

PT-2026-33152

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 147.0.7727.101. Description: An out of bounds write in the GPU allows a remote attacker who has compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. An out of bounds write...

CVSS 9.6 | AI score 5.8 | EPSS 0.00372
Exploits: 0 | References: 39
CNNVD
added 2026/04/02 12:0 a.m. | views: 7

Poetry Path Traversal Vulnerability

Poetry is an open-source Python tool used for dependency management and packaging. Versions of Poetry from 1.4.0 to 2.3.3 had a path traversal vulnerability. This vulnerability stemmed from custom wheel files that might contain unrestricted paths, allowing arbitrary file writing with the privileg...

CVSS 7.1 | AI score 5.9 | EPSS 0.00468
Exploits: 1 | References: 4
CNVD
added 2026/04/02 12:0 a.m. | views: 1

FreeRDP Heap Buffer Overflow Vulnerability (CNVD-2026-16033)

FreeRDP is an open source Remote Desktop Protocol (RDP) implementation library and client. FreeRDP suffers from a heap buffer overflow vulnerability. The vulnerability arises from an out-of-bounds heap memory write caused by a bmpSize synchronization error in the persistent cache. An attacker can...

CVSS 7.1 | AI score 6.2 | EPSS 0.001
Exploits: 0
Packet Storm
added 2026/04/02 12:0 a.m. | views: 135

Langflow 1.8.4 File Write / Traversal / Remote Code Execution

Langflow versions 1.8.4 and below have an issue where the POST /api/v2/files endpoint does not sanitize the filename parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences. When Langflow runs with...

CVSS 8.8 | AI score 6.6 | EPSS 0.02104
Exploits: 4