VIR Vulnerability Intelligence Relay

Search

Found 29,570 results in 2390ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-33246 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server offers a `Nats-Request-Info:` message header, providing information about a request. Th…
CVE-2026-33223 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header `Nats-Request-Info:` is supposed to be a …
CVE-2026-33222 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could…
CVE-2026-33219 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which can connect to the WebSockets port can c…
CVE-2026-33218 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nat…
CVE-2026-33217 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied …
CVE-2026-33216 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords ar…
CVE-2026-33215 unknown FIX debian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and M…
CVE-2026-29785 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not …
CVE-2026-33247 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients p…
CVE-2026-33249 unknown FIX slesdebian debian 2mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message …
CVE-2026-3260 unknown debian debian 3mo ago Undertow: Denial of Service via Multipart/Form-Data Parsing on HTTP GET Requests
CVE-2026-4750 critical 9.1 9.1 FIX debian debian 3mo ago Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof: before woof_15.3.0.
CVE-2026-25749 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: vim security update
CVE-2026-23893 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: opencryptoki security update
CVE-2025-59775 unknown FIX debian debianmacos macos 3mo ago Server-Side Request Forgery (SSRF) vulnerability  in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off  allows to potentially leak NTLM hashes to a malicious server …
CVE-2026-33202 medium 5.5 FIX slesdebian debian 3mo ago Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys dir…
CVE-2026-33176 medium 5.5 FIX slesdebian debian google 3mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept str…
CVE-2026-33174 medium 5.5 FIX slesdebian debian 3mo ago Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when serving files through Active Storage's proxy delivery mode, th…
CVE-2026-33173 medium 5.5 FIX slesdebian debian 3mo ago Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `DirectUploadsController` accepts arbitrary metadata from the clien…
CVE-2026-33170 medium 5.5 FIX slesdebian debian google 3mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `SafeBuffer#%` does not propagate the `@…
CVE-2026-33169 medium 5.5 FIX slesdebian debian google 3mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter` uses a lookahead-based regular expression with `gsub!` to in…
CVE-2026-33413 unknown FIX debian debian sles 3mo ago etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call …
CVE-2026-33343 unknown FIX debian debian sles 3mo ago etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use n…
CVE-2026-23277 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb,…
CVE-2026-23276 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions (iptunnel_xmit, ip6tunnel_xmit) lack their own recur…
CVE-2026-22737 unknown debian debian 3mo ago Spring Framework Improper Path Limitation with Script View Templates
CVE-2026-22735 unknown debian debian 3mo ago Spring MVC and WebFlux has Server Sent Event stream corruption
CVE-2026-3503 medium 5.2 5.2 FIX debian debian wolfssl 3mo ago Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cry…
CVE-2026-3548 critical 9.8 9.8 FIX debian debian wolfssl 3mo ago Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string…
CVE-2026-1005 medium 5.3 5.3 FIX debian debian wolfssl 3mo ago Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authenticati…
CVE-2026-32935 medium 5.9 5.9 FIX debian debian phpseclib 3mo ago phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack
CVE-2026-27953 unknown FIX debian debian 3mo ago ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validat…
CVE-2026-4426 medium 6.5 6.5 FIX debian debian sles rhel libarchiveredhat 3mo ago A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge exte…
CVE-2026-2369 critical 9.1 9.1 FIX debian debian sles gnome 3mo ago A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially acc…
CVE-2026-33056 unknown FIX debian debian 3mo ago tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir function uses fs::metadata() to check whether a path t…
CVE-2026-33055 medium 5.5 FIX debian debian 3mo ago tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CV…
CVE-2026-23267 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes During SPO tests, whe…
CVE-2026-23266 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: fbdev: rivafb: fix divide error in nv3_arb() A userspace program can trigger the RIVA NV3 arbitration code by calling the FBIOPUT…
CVE-2026-23265 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in {read,write}_end_io -----------[ cut here ]------------ kernel BUG at fs/f2fs/data…
CVE-2026-23264 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. Thi…
CVE-2026-23263 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array leak d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed a page leakage but did…
CVE-2026-23261 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvme_fabrics creates an NVMe/FC controller in following path: nvmf_dev_write() …
CVE-2026-23260 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allocates a new block ('entry') to merge adjacent ran…
CVE-2026-23259 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through io_req_rw_cleanup() and h…
CVE-2026-23258 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices(), the netdev is allocated using alloc_etherdev_…
CVE-2026-23257 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to th…
CVE-2026-23256 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to th…
CVE-2026-23255 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Re…
CVE-2026-23254 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the `encapsulatio…
CVE-2026-23252 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchk_xfile_*_descr calls The xchk_xfile_*_descr macros call kasprintf, which can fail to allocate memory if t…
CVE-2026-23251 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid p…
CVE-2026-23250 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: check return value of xchk_scrub_create_subord Fix this function to return NULL instead of a mangled ENOMEM, then fix the ca…
CVE-2026-23249 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btr…
CVE-2025-71270 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory a…
CVE-2025-71269 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, …
CVE-2025-71268 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction,…
CVE-2026-23247 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") t…
CVE-2025-71267 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can le…
CVE-2025-71266 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can…
CVE-2025-71265 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file sys…
CVE-2026-32636 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due t…
CVE-2026-23241 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. C…
CVE-2025-71239 medium 5.5 5.5 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2() to change attributes class fchmodat2(), introduced in version 6.6 is currently not in the change attribute…
CVE-2026-21964 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: mysql:8.4 security update
CVE-2026-21948 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: mysql:8.4 security update
CVE-2026-21941 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: mysql:8.4 security update
CVE-2026-21937 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: mysql:8.4 security update
CVE-2026-21936 medium 5.5 FIX rocky rhel sles 3mo ago Moderate: mysql:8.4 security update
CVE-2025-39818 medium 5.5 FIX rhel sles rocky 3mo ago Moderate: kernel security update
CVE-2026-30405 unknown FIX debian debian 3mo ago An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute
CVE-2026-32722 unknown FIX debian debian 3mo ago Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no esc…
CVE-2026-27459 unknown FIX slesdebian debian 3mo ago pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value…
CVE-2026-28498 unknown FIX slesdebian debian 3mo ago Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation…
CVE-2026-28490 unknown FIX slesdebian debian 3mo ago Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning…
CVE-2026-27962 unknown FIX slesdebian debian 3mo ago Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attac…
CVE-2026-27448 unknown FIX slesdebian debian 3mo ago pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled e…
CVE-2026-4185 medium 6.3 6.3 debian debian 3mo ago A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box.…
CVE-2026-32772 medium 4.7 4.7 FIX debian debian gnu 3mo ago telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.
CVE-2026-32635 critical 9.0 9.0 debian debian angular 3mo ago Angular vulnerable to XSS in i18n attribute bindings
CVE-2026-4105 medium 6.7 6.7 FIX slesdebian debian 3mo ago A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop…
CVE-2026-32746 critical 9.8 10.0 EXPFIX debian debian sles gnu 3mo ago telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.
CVE-2026-2673 medium 6.5 6.5 FIX slesdebian debian opensslsiemens 3mo ago Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword.…
CVE-2026-23941 critical 9.4 9.4 FIX debian debian sles erlang 3mo ago Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program …
CVE-2026-23943 medium 5.3 5.3 FIX debian debian sles erlang 3mo ago Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advert…
CVE-2026-23942 medium 5.4 5.4 FIX debian debian sles erlang 3mo ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal. This vulnerability is associated with program fil…
CVE-2026-3910 unknown 1.5 KEVFIX debian debian 3mo ago Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
CVE-2026-3909 unknown 1.5 KEVFIX debian debian 3mo ago Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1289 unknown FIX slesdebian debian 3mo ago A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file …
CVE-2025-13462 critical 9.8 9.8 FIX slesdebian debian python 3mo ago The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result i…
CVE-2026-30937 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer overflow in the XWD (X Windows) enco…
CVE-2026-30936 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside…
CVE-2026-30935 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, BilateralBlurImage contains a heap buffer over-read caused by an incorrect c…
CVE-2026-30931 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, a heap-based buffer overflow in the UHDR encoder can happen due to truncatio…
CVE-2026-30929 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MagnifyImage uses a fixed-size stack buffer. When using a spec…
CVE-2026-28693 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds r…
CVE-2026-28691 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in t…
CVE-2026-28690 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encode…
CVE-2026-28688 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder,…
CVE-2026-28687 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decod…