| CVE-2026-36613 |
2026-06-03 |
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unau… |
| CVE-2025-70101 |
2026-06-03 |
An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 filesy… |
| CVE-2026-45681 |
2026-06-02 |
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer but… |
| CVE-2026-25258 |
2026-06-01 |
Memory corruption while processing IOCTL calls for escape operations. |
| CVE-2026-0076 |
2026-06-01 |
In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges … |
| CVE-2026-10267 |
2026-06-01 |
A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking… |
| CVE-2026-10233 |
2026-06-01 |
A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL… |
| CVE-2026-8796 |
2026-05-31 |
Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input.
In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-referen… |
| CVE-2026-5071 |
2026-05-30 |
The SocketCAN implementation validates the length of a user-provided buffer containing a socketcan_frame object using only a NET_ASSERT statement in zcan_sendto_ctx() before dereferencing it in socket… |
| CVE-2026-45613 |
2026-05-29 |
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76cc… |
| CVE-2026-46344 |
2026-05-29 |
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT s… |
| CVE-2026-44518 |
2026-05-29 |
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT s… |
| CVE-2026-45615 |
2026-05-29 |
mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c (specifically INTEGER_oer.c). When parsing… |
| CVE-2025-41278 |
2026-05-29 |
Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Hos… |
| CVE-2026-9996 |
2026-05-28 |
Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromiu… |
| CVE-2026-9975 |
2026-05-28 |
Out of bounds read and write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … |
| CVE-2026-9953 |
2026-05-28 |
Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securi… |
| CVE-2026-9943 |
2026-05-28 |
Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-9928 |
2026-05-28 |
Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-9919 |
2026-05-28 |
Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |