CVE-2026-48733

ImageMagick suffers an infinite loop in subimage-search when processing a crafted image, potentially causing a denial of service. The vulnerability affects 6.9.13-49 and 7.1.2-24 before the patch; patched versions are 6.9.13-49 and 7.1.2-24. Attack vector is local with user interaction required; ...

CVE-2026-48724

ImageMagick (CVE-2026-48724) fixes a heap buffer underwrite in Floyd‑Steinberg depth dithering when processing images with a mask. Affected versions prior to 7.1.2-24 are vulnerable; the issue is patched in 7.1.2-24. CVSSv3.1 base score 5.5 (Medium) with Local attack vector, Low attack complexity...

CVE-2026-47166

Summary (CVE-2026-47166) ImageMagick’s distributed pixel cache server is vulnerable to a heap buffer over-read when a privileged, local attacker can connect to the magick -distribute-cache service. This flaw could lead to information disclosure (and potential DoS) in affected server processes. Th...

CVE-2026-47165

ImageMagick CVE-2026-47165 (and CVE-2026-47166) affect versions prior to 6.9.13-48 and 7.1.2-23 where the distributed pixel cache lacked a challenge–response authentication model, enabling local attackers with high privileges to access sensitive pixel data. Additionally, CVE-2026-47166 describes ...

CVE-2026-46693

Summary : CVE-2026-46693 affects ImageMagick’s distributed pixel cache server. A race condition can allow a privileged attacker who can connect to a magick -distribute-cache service to hijack a file descriptor in the server process. The issue is specifically tied to the distributed cache mechanis...

CVE-2026-42563

CVE-2026-42563 affects the Python package Dulwich (versions

CVE-2026-46692

CVE-2026-46692 affects ImageMagick via a heap buffer over-write in the distributed pixel cache server when a client connects to magick -distribute-cache. The CVE entry notes this vulnerability and states fixes have been applied in ImageMagick versions 6.9.13-48 and 7.1.2-23, addressing the issue....

CVE-2026-46559

ImageMagick CVE-2026-46559 is a JP2 encoder heap buffer over-write of a single byte triggered by certain options. Affected versions are 6.9.13-47 and earlier and 7.1.2-22 and earlier; patch applied in 6.9.13-48 and 7.1.2-23. This CVE has a CVSSv3.1 base score of 4.0 (Medium), with LOCAL attack ve...

CVE-2026-46557

ImageMagick (fx operation) is affected by CVE-2026-46557 due to a missing depth check that can cause a stack overflow when processing crafted inputs. Affected versions are pre-7.1.2-23 (and related Debian/OSV entries reference the same issue); the vulnerability is fixed in 7.1.2-23. Exploitation ...

CVE-2026-46521

CVE-2026-46521 affects ImageMagick: a heap buffer over-write in the MIFF encoder when using LZMA compression due to a missing check. Exploitation is local with low complexity and requires user interaction, potentially impacting availability. A patch is available: fixed in ImageMagick versions 6.9...

CVE-2026-42558

CVE-2026-42558 affects Xibo CMS (prior to 4.4.2). A vulnerability chain combining Stored XSS and an Iframe sandbox escape via the Data Connector Script in DataSet can be exploited by an authorized user who has DataSet permissions and the ability to add DataSets to layouts. The issue requires the ...

CVE-2026-46520

ImageMagick contains a vulnerability (CVE-2026-46520) where reading multiple images with differing dimensions can trigger an out-of-bounds heap write in the IPL decoder. Affected releases prior to the patch are 6.9.13-48 and 7.1.2-23; the issue is fixed in those versions. The CVSS metrics indicat...

CVE-2026-45664

ImageMagick (MNG coder) contains a vulnerability (CVE-2026-45664) that could allow reading more images than the list-limit policy, leading to excessive resource usage. The issue, caused by a missing check in the MNG coder, has been patched in ImageMagick versions 6.9.13-47 and 7.1.2-22. Affected ...

CVE-2026-46522

CVE-2026-46522 : ImageMagick’s MIFF decoder contains a missing input-length check in ReadMIFFImage, causing an infinite loop that can exhaust CPU. This affects pre-fix releases prior to 7.1.2.23 and 6.9.13-48. The issue’s impact is CPU exhaustion (availability) as described in multiple advisories...

CVE-2026-45624

CVE-2026-45624 affects ImageMagick; in versions prior to 6.9.13-47 and 7.1.2-22, a polynomial distortion can trigger an out-of-bounds over-read of 24 bytes when using specific arguments. The issue is a root-cause in the distortion implementation and can lead to information disclosure via a memory...

CVE-2026-45359

CVE-2026-45359 (ImageMagick) : A flaw in the connected-components operation arises from an invalid keep-top value, which can cause a heap buffer over-read. This affects ImageMagick versions prior to 6.9.13-48 and 7.1.2-22. The issue is mitigated by the patched releases 6.9.13-48 and 7.1.2-22. Upg...

CVE-2026-45358

CVE-2026-45358 concerns ImageMagick, where an off-by-one in the meta encoder can cause an out-of-bounds read of a single byte. Affected releases include 6.9.13-46, 7.1.2-21 and earlier; it has been patched in 6.9.13-47 and 7.1.2-22. Other CVEs in the related advisories (e.g., CVE-2026-42326, CVE-...

CVE-2026-42326

ImageMagick contains CVE-2026-42326: a heap buffer over-read in the IPTC encoder when handling input during IPTC output file writing. Affected are ImageMagick versions prior to 6.9.13-47 and 7.1.2-22. The issue has been patched in 6.9.13-47 and 7.1.2-22. Upgrade to those versions (or newer) to re...

CVE-2026-45031

CVE-2026-45031 affects ImageMagick via a missing check in the PSD decoder that could bypass the list-length resource policy when decoding PSD images. The issue is specifically noted for versions prior to 6.9.13-47 and 7.1.2-22, with a patch applied in those two release lines. Connected sources al...

CVE-2026-2049

CVE-2026-2049 is a heap-based buffer overflow in HDR file parsing within gegl (used by GIMP) caused by insufficient validation of the length of user-supplied data. This can lead to remote code execution when a user opens a malicious HDR file or visits a crafted page, as indicated by the CVSS vect...

CVE-2026-46523

CVE-2026-46523 : ImageMagick contains a use-after-free in the MSL decoder that can be triggered by a crafted MSL image. Affected builds prior to 7.1.2.23 and 6.9.13-48 are vulnerable; the issue is fixed in 7.1.2.23 and 6.9.13-48. The CVSS indicates a low attack complexity, local access, and high ...

CVE-2026-46625

CVE-2026-46625 concerns the JavaScript Cookie library (js-cookie) prior to 3.0.7. A per-instance prototype hijack occurs in the internal assign() when merging properties from a source object produced by JSON.parse that may include an own enumerable proto key. This polluted prototype leads to atta...

CVE-2026-45783

CVE-2026-45783 pertains to libp2p’s Kad-DHT (JavaScript) implementation. Before version 16.2.6, an unauthenticated remote peer can flood a server-mode Kad-DHT node with unbounded PUT_VALUE messages, whose keys bypass content validation, causing the node’s datastore to exhaust disk space and rende...

CVE-2026-46679

CVE-2026-46679 affects the JS implementation of libp2p gossipsub. Three omissions in the default gossipsub logic allow an unauthenticated peer to flood subscriptions and exhaust the Node.js heap, causing memory DoS and potential OOM. The issue arises from an unbounded this.topics map, unbounded p...

CVE-2026-11604

CVE-2026-11604 concerns OpenVPN ovpn-dco-win, where an incorrect buffer size calculation in the epoch key generator (versions 2.0.0–2.8.3) can be abused by a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, causing a denial ...

CVE-2026-0274

Technical details (affected products, versions, root cause, exploit information) are not publicly provided in the supplied documents. Monitor for updates from official advisories and NVD entries.

CVE-2026-0273

CVE-2026-0273 is a command injection vulnerability in Palo Alto Networks PAN-OS software that allows an authenticated administrator to bypass system restrictions and execute arbitrary commands as root. The issue affects PAN-OS on PA-Series and VM-Series firewalls and Panorama , with access requir...

CVE-2026-0272

Technical details for CVE-2026-0272 are not publicly provided in the supplied documents beyond a general description of privilege escalation in PAN-OS CLI. Monitor for updates; no specifics on vulnerable component, affected versions, or fixes are present.

CVE-2026-0271

CVE-2026-0271 describes a privilege escalation vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux. A local user can execute code with elevated privileges, as indicated by the entry. Affected product: Prisma Access Agent (Linux). Impact per metrics: high impact to confidentia...

CVE-2026-0270

Palo Alto Networks Cortex XSOAR engine running on Linux is vulnerable to a path traversal issue that could allow an unauthenticated attacker in an adjacent network, via MITM-enabled interception of network responses, to write arbitrary files to the host. The vulnerability affects the Cortex XSOAR...

CVE-2026-0269

CVE-2026-0269 describes a memory corruption vulnerability in the tunnel traffic processing path of Palo Alto Networks PAN-OS software. An authenticated user can trigger system reboots by sending a maliciously crafted packet, and repeated attempts may cause the firewall to enter maintenance mode. ...

CVE-2026-0268

Prisma Access Agent for Linux contains a local authentication bypass that enables a local attacker to route traffic outside the VPN tunnel. The issue is limited to Linux; Windows, macOS, iOS, Android, and ChromeOS variants are not affected. The CVE entry notes a local attack vector with low privi...

CVE-2026-53742

CVE-2026-53742 affects the WordPress plugin Simple Link Directory up to version 9.0.4. The issue is a Stored XSS via embed shortcode attributes: the embedder template echoes shortcode attributes into HTML data attributes without escaping. Attackers with contributor access can craft a shortcode at...

CVE-2026-53741

CVE-2026-53741 affects Simple Link Directory up to version 9.0.4. The root cause is that the sld_no_results_found option is interpolated into a JavaScript string literal without encoding. Because sanitize_text_field leaves quotes intact, a stored payload can break out of the string and execute sc...

CVE-2026-53740

The CVE-2026-53740 entry describes a stored cross-site scripting flaw in Yoast Duplicate Post (through 4.6) where an unescaped post title and permalink is injected into the Classic Editor scheduled republish notice. Attackers can craft a title to cause script execution when an administrator views...

CVE-2026-53739

CVE-2026-53739 affects the WordPress plugin Yoast Duplicate Post up to version 4.6. The issue is a cross-site request forgery in the duplicate_post_dismiss_notice handler that does not verify a nonce or capability. This allows an attacker to trick an authenticated user into issuing a request that...

CVE-2026-53738

CVE-2026-53738 affects the WordPress plugin Copy & Delete Posts, up to version 1.5.4. The vulnerability stems from the cdp_action_handling AJAX handler, where any plugin-enabled non-admin role can invoke every operation, bypassing per-function capability checks. This enables attackers with an ena...

CVE-2026-53737

CVE-2026-53737 affects Juicer (through 1.12.18). The vulnerability is a Stored Cross-Site Scripting (XSS) due to unescaped remote feed API response fields on the admin settings page; when the page loads, an attacker controlling the connected feed data can inject script that runs in an administrat...

CVE-2026-53736

CVE-2026-53736 affects the Easy Twitter Feeds WordPress plugin prior to 1.2.13. The issue is a cross-site request forgery in the duplicate_post action handler that lacks nonce verification. An attacker could entice an authenticated user to visit a crafted link that duplicates posts regardless of ...

CVE-2026-47764

Summary: A GHSA advisory details a path traversal vulnerability in PDM related to wheel installation. The InstallDestination.write_to_fs() method overrides the safe _path_with_destdir(), replacing Path.resolve()/is_relative_to()-based validation with a bare os.path.join() that performs no path va...

CVE-2026-47763

CVE-2026-47763 / GHSA-GHQ2-5C67-FPRM (PDM) : The advisory details a symlink-related write vulnerability in PDM’s project-local state/config handling. If a repository places a symlink to a target file (e.g., pdm.toml), commands like pdm config -l may write to the symlink target instead of refusing...

CVE-2026-42542

CVE-2026-42542 affects TDengine versions 3.4.0.0–3.4.1.5. An unauthenticated remote attacker can cause a denial of service by sending a single crafted RPC packet, triggering an integer underflow in uvConnMayGetUserInfo() and crashing the taosd server. Impact is limited to availability (A) with ne...

CVE-2026-0267

CVE-2026-0267 affects the Palo Alto Networks GlobalProtect app on macOS. It is described as an information exposure vulnerability where a local user can learn the passcodes used to disable, disconnect, or uninstall the app, enabling those actions despite configuration restrictions. The provided d...

CVE-2026-0266

CVE-2026-0266 concerns a Stored Cross-Site Scripting (XSS) vulnerability in Palo Alto Networks PAN-OS web interface. The connected documents specify that an authenticated administrator can store a JavaScript payload via the PAN-OS web UI, affecting PAN-OS on PA-Series and VM-Series firewalls as w...

CVE-2026-46689

Kanidm vuln CVE-2026-46689: An unauthenticated GET to any /scim/v1/... endpoint with a crafted ?filter= (thousands of nested parentheses, ~4–12 KB) can exhaust the parser’s stack due to an unbounded depth in the SCIM filter grammar. This causes a stack overflow and std::process::abort(), terminat...

CVE-2026-50131

Fedify (TypeScript federated server framework) has an incomplete SSRF mitigation in validatePublicUrl(): isValidPublicIPv4Address() blocks common private/local ranges but still treats several special-use, reserved, multicast, benchmarking, and carrier-grade NAT IPv4 ranges as valid. This exposes ...

CVE-2026-48110

CVE-2026-48110 affects Russh, a Rust SSH client/server library. From 0.34.0 up to before 0.61.0, several client/server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH peer could send o...

CVE-2026-48108

Russh (Rust SSH client/server library) prior to 0.61.0 allowed non-canonical client identification and did not bound pre-banner input on the server side, enabling malformed pre-auth identification to potentially exhaust connection resources. The issue affects versions 0.34.0-beta.1 through before...

CVE-2026-48107

Russh (Rust SSH client/server) is affected in versions 0.37.0–0.60.x where the client’s keyboard-interactive auth path accepts an attacker-controlled prompt count via USERAUTH_INFO_REQUEST. The code uses the raw count directly in Vec::with_capacity(...) before verifying sufficient prompt data, en...

CVE-2026-10143

CVE-2026-10143 affects kafka-python prior to 2.3.2. The denial‑of‑service arises from ScramClient.process_server_first_message() passing the broker‑provided SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation in scram.py. This can freeze the client event loop, blocking prod...