Canva Affinity EMF File EMR_POLYBEZIER Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2317 Canva Affinity EMF File EMRPOLYBEZIER Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-61952 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

Canva Affinity EMF File EMR_CREATEDIBPATTERNBRUSHPT offBmi Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2300 Canva Affinity EMF File EMRCREATEDIBPATTERNBRUSHPT offBmi Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64733 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafte...

Canva Affinity EMF File EMR_POLYBEZIERTO16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2324 Canva Affinity EMF File EMRPOLYBEZIERTO16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2026-20726 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

Canva Affinity EMF File EMR_POLYGON Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2320 Canva Affinity EMF File EMRPOLYGON Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-65119 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

Canva Affinity EMF File EMR_POLYBEZIER16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2316 Canva Affinity EMF File EMRPOLYBEZIER16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-47873 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Canva Affinity EMF File EMR_POLYBEZIERTO Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2318 Canva Affinity EMF File EMRPOLYBEZIERTO Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66503 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Tp-Link AX53 v1.0 tmpServer opcode 0x429 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2284 Tp-Link AX53 v1.0 tmpServer opcode 0x429 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62405 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer SmartNetSetClientList functionality of Tp-Link AX53 v1...

Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2025-2285 Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability March 16, 2026 CVE Number CVE-2025-59487 SUMMARY A write-what-where vulnerability exists in the tmpServer opcode 0x441 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0x442 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2286 Tp-Link AX53 v1.0 tmpServer opcode 0x442 out-of-bounds write vulnerability March 16, 2026 CVE Number CVE-2025-61983 SUMMARY An out-of-bounds write vulnerability exists in the tmpServer opcode 0x442 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2289 Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58455 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x1003 functionality of Tp-Link AX53 v1.0 1.3....

Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2294 Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58077 SUMMARY A heap-based buffer overflow vulnerability exists in the tmpServer opcode 0x437 functionality of Tp-Link Archer AX53...

Tp-Link AX53 V1.0 tmpServer opcode 0x411 buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2283 Tp-Link AX53 V1.0 tmpServer opcode 0x411 buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-59482 SUMMARY A buffer overflow vulnerability exists in the tmpServer opcode 0x411 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2287 Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62404 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x643 functionality of Tp-Link AX53 v1.0 1.3.1...

Tp-Link AX53 v1.0 tmpServer opcode 0xe01 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2288 Tp-Link AX53 v1.0 tmpServer opcode 0xe01 out-of-bounds write vulnerability March 16, 2026 CVE Number CVE-2025-61944 SUMMARY An out-of-bounds write vulnerability exists in the tmpServer opcode 0xe01 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tdpServer ssh port update stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2290 Tp-Link AX53 v1.0 tdpServer ssh port update stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62673 SUMMARY A stack-based buffer overflow vulnerability exists in the tdpServer ssh port update functionality of Tp-Link AX53 v1.0...

Tp-Link AX53 v1.0 SSH Hostkey misconfiguration vulnerability

Talos Vulnerability Report TALOS-2025-2291 Tp-Link AX53 v1.0 SSH Hostkey misconfiguration vulnerability March 16, 2026 CVE Number CVE-2025-62501 SUMMARY A misconfiguration vulnerability exists in the SSH Hostkey functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120 rel.549015553. A specially...

Microsoft DirectX End-User Runtime Web Installer Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2293 Microsoft DirectX End-User Runtime Web Installer Privilege Escalation Vulnerability March 11, 2026 CVE Number CVE-2025-68623 SUMMARY A local privilege escalation vulnerability exists during the installation of Microsoft DirectX End-User Runtime. A...

The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2323 The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability March 3, 2026 CVE Number CVE-2025-64736 SUMMARY An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch...

The Biosig Project libbiosig Nicolet WFT parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2362 The Biosig Project libbiosig Nicolet WFT parsing heap-based buffer overflow vulnerability March 3, 2026 CVE Number CVE-2026-20777 SUMMARY A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project...

The Biosig Project libbiosig Intan CLP parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2361 The Biosig Project libbiosig Intan CLP parsing heap-based buffer overflow vulnerability March 3, 2026 CVE Number CVE-2026-22891 SUMMARY A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbios...

OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2292 OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability February 18, 2026 CVE Number CVE-2025-61982 SUMMARY An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A...

MedDream PACS Premium modifyHL7Route reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2265 MedDream PACS Premium modifyHL7Route reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53854 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyHL7Route functionality of MedDream PACS Premiu...

MedDream PACS Premium emailfailedjob reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2255 MedDream PACS Premium emailfailedjob reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54495 SUMMARY A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premiu...

MedDream PACS Premium downloadZip reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2254 MedDream PACS Premium downloadZip reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53516 SUMMARY A reflected cross-site scripting xss vulnerability exists in the downloadZip functionality of MedDream PACS Premium...

MedDream PACS Premium modifyAutopurgeFilter reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2261 MedDream PACS Premium modifyAutopurgeFilter reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54814 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAutopurgeFilter functionality of MedDre...

MedDream PACS Premium fetchPriorStudies reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2258 MedDream PACS Premium fetchPriorStudies reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-46270 SUMMARY A reflected cross-site scripting xss vulnerability exists in the fetchPriorStudies functionality of MedDream PACS...

MedDream PACS Premium ldapUser reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2272 MedDream PACS Premium ldapUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-36556 SUMMARY A reflected cross-site scripting xss vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870....

MedDream PACS Premium modifyTranscript reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2267 MedDream PACS Premium modifyTranscript reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53707 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyTranscript functionality of MedDream PACS...

MedDream PACS Premium config.php multiple reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2271 MedDream PACS Premium config.php multiple reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58089,CVE-2025-58093,CVE-2025-58090,CVE-2025-58091,CVE-2025-58088,CVE-2025-58087,CVE-2025-58094,CVE-2025-58095,CVE-2025-58092...

MedDream PACS Premium modifyCoercion reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2262 MedDream PACS Premium modifyCoercion reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54861 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyCoercion functionality of MedDream PACS Premiu...

MedDream PACS Premium modifyHL7App reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2264 MedDream PACS Premium modifyHL7App reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58080 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium...

MedDream PACS Premium encapsulatedDoc reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2256 MedDream PACS Premium encapsulatedDoc reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54157 SUMMARY A reflected cross-site scripting xss vulnerability exists in the encapsulatedDoc functionality of MedDream PACS...

MedDream PACS Premium modifyAeTitle reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2260 MedDream PACS Premium modifyAeTitle reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54852 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium...

MedDream PACS Premium modifyUser reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2268 MedDream PACS Premium modifyUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54853 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium...

MedDream PACS Premium notifynewstudy reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2269 MedDream PACS Premium notifynewstudy reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57786 SUMMARY A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premiu...

MedDream PACS Premium modifyEmail reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2263 MedDream PACS Premium modifyEmail reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57881 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyEmail functionality of MedDream PACS Premium...

MedDream PACS Premium sendOruReport reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2270 MedDream PACS Premium sendOruReport reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-44000 SUMMARY A reflected cross-site scripting xss vulnerability exists in the sendOruReport functionality of MedDream PACS Premium...

MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability

Talos Vulnerability Report TALOS-2025-2273 MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability January 20, 2026 CVE Number CVE-2025-53912 SUMMARY An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially...

MedDream PACS Premium autoPurge reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2253 MedDream PACS Premium autoPurge reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54817 SUMMARY A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.87...

MedDream PACS Premium existingUser reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2257 MedDream PACS Premium existingUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54778 SUMMARY A reflected cross-site scripting xss vulnerability exists in the existingUser functionality of MedDream PACS Premium...

MedDream PACS Premium modifyRoute reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2266 MedDream PACS Premium modifyRoute reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57787 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyRoute functionality of MedDream PACS Premium...

MedDream PACS Premium modifyAnonymize reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2259 MedDream PACS Premium modifyAnonymize reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-55071 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAnonymize functionality of MedDream PACS...

Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2279 Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability January 15, 2026 CVE Number CVE-2025-61973 SUMMARY A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A...

Foxit Reader Barcode Calculate CPDF_FormField Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2025-2277 Foxit Reader Barcode Calculate CPDFFormField Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-58085 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Barcode field object. A specially crafted JavaScript cod...

Foxit Reader Text Widget Format Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2025-2278 Foxit Reader Text Widget Format Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-59488 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Text Widget field object. A specially crafted JavaScript code inside ...

Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2275 Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability December 19, 2025 CVE Number CVE-2025-57779 SUMMARY A privilege escalation vulnerability exists during the installation of Foxit PDF Editor via the Microsoft Store....

smallstep Step-CA Certificate Signing authentication bypass vulnerability

Talos Vulnerability Report TALOS-2025-2242 smallstep Step-CA Certificate Signing authentication bypass vulnerability December 17, 2025 CVE Number CVE-2025-44005 SUMMARY An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completi...

Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2211 Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-52582 SUMMARY An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM...

Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2210 Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-53619,CVE-2025-53618 SUMMARY An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM...

Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2214 Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-48429 SUMMARY An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially...