368880 matches found
CVE-2026-57571
CVE-2026-57571 affects Crawl4AI prior to version 0.9.0. The vulnerability arises when saving downloaded files: the destination filename is taken from attacker-controlled input and joined to the downloads directory without confinement. If the filename contains an absolute path or traversal, it esc...
CVE-2026-25271
The CVE describes a TOCTOU race condition in Qualcomm DSP Service causing memory corruption when processing asynchronous input parameters due to improper handling of modified values between check and use. Affected component: DSP Service (Qualcomm). Root cause: TOCTOU under asynchronous input para...
CVE-2026-25268
The CVE-2026-25268 issue is a stack-based buffer overflow in WLAN Host caused by memory corruption when processing invalid HT40 channel layouts during dynamic channel switching. Affects WLAN Host with a Local attack vector, requiring Low privileges and no user interaction, and with a changed scop...
CVE-2026-21384
CVE-2026-21384 describes a memory corruption vulnerability in a camera driver where updating prepared commands with invalid port indices (driven by user-space input) can exceed read client limits, causing an out-of-bounds write. The issue is tied to a local attack vector with high complexity and ...
CVE-2026-21383
CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...
CVE-2026-21379
CVE-2026-21379 describes a memory corruption (buffer over-read) issue in Windows Compute caused by allocating memory with sizes that exceed the maximum allowed value. The CVSS 3.1 metrics indicate a high impact on confidentiality, integrity, and availability (C:H, I:H, A:H) with a local attack ve...
CVE-2026-21370
CVE-2026-21370 is an out-of-bounds write in the camera driver causing memory corruption when validating input batch size and buffer plane count that exceed maximum allowed values. The issue is described as a memory corruption condition in the Qualcomm camera driver. Exploitation details beyond wh...
CVE-2026-21369
CVE-2026-21369 describes a memory corruption in the camera driver when handling flash commands. The root cause is outdated LED count values being used after userspace modification, leading to out-of-bounds/write conditions. The weakness is limited to local attack vector with high complexity and l...
CVE-2026-21368
CVE-2026-21368 describes an out-of-bounds write in a camera driver when parsing JPEG commands, caused by unaccounted extra writes to the buffer during validation. The CVSS vector indicates local access, high complexity, and low privileges required, with a Overall impact of low confidentiality, in...
CVE-2025-59617
CVE-2025-59617 describes a memory corruption issue (Use After Free) in Computer Vision when multiple IOCTL calls reuse the same buffer file descriptor input. The CVSS metrics indicate a local attacker with high attack complexity and low privileges, requiring user interaction, with impact to integ...
CVE-2025-59616
CVE-2025-59616 : Memory corruption (use-after-free) when processing multiple IOCTL calls using the same buffer file descriptor input, due to accessing memory that has already been freed. Affects the described Computer Vision context; underlying issue is use-after-free in the handling of repeated ...
CVE-2025-59615
CVE-2025-59615 describes a Use-After-Free memory corruption in computer vision code triggered by device IOCTL operations for mapping/unmapping persistent memory buffers, caused by improper synchronization. The issue is rated CVSS v3.1 base score 6.6 (Medium): LOCAL attack, HIGH exploit complexity...
CVE-2026-55514
CVE-2026-55514 affects the vLLM library (inference/serving) from versions 0.12.0 through older than 0.24.0. Sending a pure prompt embeds payload in a /v1/completions request for a model using M-RoPE triggers an EngineCore assertion, causing a fatal crash that shuts down the entire server applicat...
CVE-2026-55574
CVE-2026-55574 affects vLLM prior to 0.24.0, where structured_outputs.regex passes an unguarded user-supplied regex to grammar backends (xgrammar and outlines). In xgrammar, the string reaches the regex compiler without a timeout guard; in outlines, validation overlooks regex complexity (e.g., ne...
CVE-2026-55727
CVE-2026-55727 affects Genetec Security Center 5.14.0.0 (before build 5.14.178.18). A flaw in the authentication mechanism for video stream requests may allow an unauthenticated attacker to access live video streams. The CVSSv3.1 base score is 7.5 (HIGH) with network attack vector and no user int...
CVE-2026-50135
Summary: Hugo up to v0.161.1 is affected by a symlink confinement bypass in the virtual filesystem used by Hugo’s resources.Get. Root cause: A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, allowing a symlink inside a mounted directory (e.g....
CVE-2026-54234
CVE-2026-54234 affects vLLM prior to version 0.24.0. A frontend multi-request speculative decoding path could cause the rejection sampler to produce a recovered token equal to the model vocabulary size boundary value, which becomes negative one when the next live token is selected. This out-of-vo...
CVE-2026-48267
The CVE-2026-48267 entry concerns the DNG SDK prior to or equal to version 1.7.1 build 2536, where a NULL Pointer Dereference could cause an application crash and denial-of-service. The vulnerability requires user interaction: a victim must open a malicious file. The root cause is a NULL pointer ...
CVE-2026-50134
CVE-2026-50134 (Hugo) affects Hugo versions 0.91.0 through 0.161.1, where resources.GetRemote did not re-validate intermediate URLs on HTTP 3xx redirects despite enforcing security.http.urls on the initial URL. This allowed a redirect to an allowed host (or an attacker-controlled DNS/response) th...
CVE-2026-14898
The CVE concerns the OpenAI Codex desktop app for macOS. The vulnerability arises when the app renders remote images from Markdown in model responses; an indirect prompt injection via content processed by Codex (e.g., a connected-tool result or other untrusted source) could cause the model to con...