5.1
CVE-2026-24795 - An Out-of-bounds Write in CloverHackyColor/CloverBootloader
Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C. This issue affects CloverBootloader: before 5162.
6.9
CVE-2026-24796 - A Out-of-bounds Read vulnerability in CloverHackyColor/CloverBootloader
Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162.
9.2
CVE-2026-24794 - Chunk Unloading Security Vulnerability in CardboardPowered/cardboard
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard (src/main/java/org/cardboardpowered/impl/world modules). This vulnerability is associated with program files WorldImpl.Java. This issue affects cardboard: before 1.21.4.
10
CVE-2026-24793 - A heap-based buffer over-read or buffer overflow vulnerability in azerothcore/azerothcore-wotlk
Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0.
4.6
CVE-2026-1464 - A possible integer overflow vulnerability in RawTherapee/RawTherapee
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apache/commons/compress/archivers/tar modules). This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4.
8.7
CVE-2026-1465 - A heap-based buffer over-read or buffer overflow in tildearrow/furnace
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in anyrtcIO-Community anyRTC-RTMP-OpenSource (third_party/faad2-2.7/libfaad modules). This vulnerability is associated with program files bits.C, syntax.C. This issue affects anyRTC-RTMP-OpenSource: before 1.0.
5.3
CVE-2025-14971 - Link Invoice Payment for WooCommerce <= 2.8.0 - Missing Authorization to Unauthenticated Arbitrary β¦
The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createPartialPayment and cancelPartialPayment functions in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated aβ¦
5.4
CVE-2026-21408 - DLL Search Path Vulnerability Allowing Arbitrary Code Execution with SYSTEM Privileges
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges.
7.8
CVE-2026-1361 - ASDA-Soft Stack-based Buffer Overflow Vulnerability
ASDA-Soft Stack-based Buffer Overflow Vulnerability
4.7
CVE-2026-24686 - go-tuf Path Traversal in TAP 4 Multirepo Client Allows Arbitrary File Write via Malicious Repositorβ¦
go-tuf is a Go implementation of The Update Framework (TUF). go-tuf's TAP 4 Multirepo Client uses the map file repository name string (`repoName`) as a filesystem path component when selecting the local metadata cache directory. Starting in version 2.0.0 and prior to version 2.4.1, if an applicatioβ¦