PT-2026-45643

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

SUSE SLES15 Security Update : docker-stable (SUSE-SU-2026:2120-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2120-1 advisory. This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft...

PUB-A-480123693

In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45255

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791...

F5-TTS path traversal vulnerability

F5-TTS is a voice synthesis tool based on stream matching, developed by Yushen CHEN. Versions of F5-TTS prior to 1.1.20 contained a path traversal vulnerability. This vulnerability stemmed from path traversal within theGradio processing program, allowing unauthenticated attackers to write arbitra...

goclaw operating system command injection vulnerability

Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier contained a vulnerability related to operating system command injection. This vulnerability originated from the FsBridge.WriteFile function in the internal/sandbox/fsbridge....

ASB-A-484973621

In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-486024286

In lwisiobufferwrite of lwisiobuffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-477021934

In mfccoregetdecmetadataseinal of mfccoreregapi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

WezTerm MCP Server: Operating System Command Injection Vulnerability

WezTerm MCP Server is a terminal control and interaction tool developed by Kentaro Hiraishi. Version 0.1.0 of WezTerm MCP Server contains a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations in the switchpane/writetospecificpane...

Debian dla-4610 : git-lfs - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4610 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/...

PT-2026-45257

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

PUB-A-494629585

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45256

In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786...

PUB-A-449726527

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Poppler input validation vulnerability

Poppler is an open-source PDF rendering library developed by Poppler. Poppler has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the tilingPatternFill function within the Splash backend. As a result of this overflow, insufficient heap memo...

PT-2026-45444

Name of the Vulnerable Software and Affected Versions Poppler affected versions not specified Description A flaw in the Splash backend allows a remote attacker to trigger an integer overflow in the tilingPatternFill function by using a specially crafted PDF file. This overflow causes an undersize...

PUB-A-481652507

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10201

Assimp up to 6.0.4 contains a vulnerability in FBXExporter::WriteObjects (FBXExporter.cpp) within the UV Channel Handler. A manipulation can trigger a divide-by-zero error when processing FBX data, requiring local access to exploit. Public disclosure of the exploit is noted, and applying a patch ...

[SECURITY] [DLA 4610-1] git-lfs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura May 31, 2026 https://wiki.debian.org/LTS -...