MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the LXF parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable Versions The...

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the LXF element parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...

MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the Channel Splitting functionality of MediaInfoLib versions: 26.01. A specially crafted .riff file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2308 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientconnect...

Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2309 Tp-Link Archer AX53 v1.0 Openvpn configuration restore routeup OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore routeup functionality of...

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...

Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore scriptsecurity OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore scriptsecurity...

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...

Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2276 Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability May 4, 2026 CVE Number CVE-2025-58074 SUMMARY A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Stor...

OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability

Talos Vulnerability Report TALOS-2026-2381 OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability April 27, 2026 CVE Number CVE-2026-35058 SUMMARY A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...

Adobe Photoshop Installation Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2274 Adobe Photoshop Installation Privilege Escalation Vulnerability April 22, 2026 CVE Number CVE-2026-34632 SUMMARY A privilege escalation vulnerability exists during the installation of Adobe Photoshop via the Microsoft Store. The vulnerable version of the...

LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2358 LibRaw x3fthumbloader heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20889 SUMMARY A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious...

LibRaw lossless_jpeg_load_raw heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2331 LibRaw losslessjpegloadraw heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-21413 SUMMARY A heap-based buffer overflow vulnerability exists in the losslessjpegloadraw functionality of LibRaw Commit 0b56545 and Commit d20315b. A...

LibRaw HuffTable::initval heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2330 LibRaw HuffTable::initval heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20911 SUMMARY A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A...

LibRaw x3f_load_huffman heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2359 LibRaw x3floadhuffman heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24660 SUMMARY A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious...

LibRaw deflate_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2364 LibRaw deflatedngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20884 SUMMARY An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead ...

LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2363 LibRaw uncompressedfpdngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24450 SUMMARY An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious...

Foxit Reader List Box Calculate Array Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2026-2365 Foxit Reader List Box Calculate Array Use-After-Free Vulnerability March 31, 2026 CVE Number CVE-2026-3779 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles an Array object. A specially crafted JavaScript code inside a malicio...

Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2281 Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability March 18, 2026 CVE Number CVE-2025-66176 SUMMARY A stack-based buffer overflow vulnerability exists in the SADP XML parsin...

Canva Affinity EMF File EMR_HEADER nDescription Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2298 Canva Affinity EMF File EMRHEADER nDescription Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-62500 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file,...

Canva Affinity EMF File EMR_EXTTEXTOUTA offDx Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2321 Canva Affinity EMF File EMREXTTEXTOUTA offDx Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-62403 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, a...

Canva Affinity EMF File EMR_FRAMERGN Type Confusion Vulnerability

Talos Vulnerability Report TALOS-2025-2297 Canva Affinity EMF File EMRFRAMERGN Type Confusion Vulnerability March 17, 2026 CVE Number CVE-2025-66342 SUMMARY A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerabilit...

Canva Affinity EMF File EMR_CREATEDIBPATTERNBRUSHPT offBmi Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2300 Canva Affinity EMF File EMRCREATEDIBPATTERNBRUSHPT offBmi Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64733 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafte...

Canva Affinity EMF File EMR_STRETCHBLT cbBitsSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2313 Canva Affinity EMF File EMRSTRETCHBLT cbBitsSrc Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66633 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

Canva Affinity EMF File EMR_POLYBEZIER16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2316 Canva Affinity EMF File EMRPOLYBEZIER16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-47873 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Canva Affinity EMF File EMR_EXTSELECTCLIPRGN CountRects Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2319 Canva Affinity EMF File EMREXTSELECTCLIPRGN CountRects Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66042 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted E...

Canva Affinity EMF File EMR_CREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability

Talos Vulnerability Report TALOS-2025-2310 Canva Affinity EMF File EMRCREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability March 17, 2026 CVE Number CVE-2025-64301 SUMMARY An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By usin...

Canva Affinity EMF File EMR_POLYBEZIERTO16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2324 Canva Affinity EMF File EMRPOLYBEZIERTO16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2026-20726 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

Canva Affinity EMF File EMR_POLYDRAW Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2301 Canva Affinity EMF File EMRPOLYDRAW Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66000 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

Canva Affinity EMF File EMR_BITBLT offBmiSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2311 Canva Affinity EMF File EMRBITBLT offBmiSrc Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64776 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

Canva Affinity EMF File EMR_STRETCHBLT offBmiSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2312 Canva Affinity EMF File EMRSTRETCHBLT offBmiSrc Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64735 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

Canva Affinity EMF File EMR_EXTTEXTOUTW offDx Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2314 Canva Affinity EMF File EMREXTTEXTOUTW offDx Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-58427 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, a...

Canva Affinity EMF File EMR_POLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2315 Canva Affinity EMF File EMRPOLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66617 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

Canva Affinity EMF File EMR_POLYGON Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2320 Canva Affinity EMF File EMRPOLYGON Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-65119 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

Canva Affinity EMF File EMR_POLYBEZIER Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2317 Canva Affinity EMF File EMRPOLYBEZIER Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-61952 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

Canva Affinity EMF File EMR_HEADER offDescription Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2299 Canva Affinity EMF File EMRHEADER offDescription Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-61979 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF fil...

Canva Affinity EMF File EMR_POLYPOLYLINE Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2325 Canva Affinity EMF File EMRPOLYPOLYLINE Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2026-22882 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Canva Affinity EMF File EMR_POLYBEZIERTO Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2318 Canva Affinity EMF File EMRPOLYBEZIERTO Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66503 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2294 Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58077 SUMMARY A heap-based buffer overflow vulnerability exists in the tmpServer opcode 0x437 functionality of Tp-Link Archer AX53...

Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2025-2285 Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability March 16, 2026 CVE Number CVE-2025-59487 SUMMARY A write-what-where vulnerability exists in the tmpServer opcode 0x441 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0xe01 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2288 Tp-Link AX53 v1.0 tmpServer opcode 0xe01 out-of-bounds write vulnerability March 16, 2026 CVE Number CVE-2025-61944 SUMMARY An out-of-bounds write vulnerability exists in the tmpServer opcode 0xe01 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 V1.0 tmpServer opcode 0x411 buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2283 Tp-Link AX53 V1.0 tmpServer opcode 0x411 buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-59482 SUMMARY A buffer overflow vulnerability exists in the tmpServer opcode 0x411 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2287 Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62404 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x643 functionality of Tp-Link AX53 v1.0 1.3.1...

Tp-Link AX53 v1.0 tdpServer ssh port update stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2290 Tp-Link AX53 v1.0 tdpServer ssh port update stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62673 SUMMARY A stack-based buffer overflow vulnerability exists in the tdpServer ssh port update functionality of Tp-Link AX53 v1.0...

Tp-Link AX53 v1.0 tmpServer opcode 0x429 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2284 Tp-Link AX53 v1.0 tmpServer opcode 0x429 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62405 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer SmartNetSetClientList functionality of Tp-Link AX53 v1...

Tp-Link AX53 v1.0 tmpServer opcode 0x442 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2286 Tp-Link AX53 v1.0 tmpServer opcode 0x442 out-of-bounds write vulnerability March 16, 2026 CVE Number CVE-2025-61983 SUMMARY An out-of-bounds write vulnerability exists in the tmpServer opcode 0x442 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...