Aggregator

A vulnerability classified as problematic has been found in LibRaw 8dc68e2. This affects the function uncompressed_fp_dng_load_raw of the component File Handler. This manipulation causes integer overflow. This vulnerability appears as CVE-2026-24450. The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.

A vulnerability described as critical has been identified in LibRaw 0b56545/d20315b. Affected by this issue is the function lossless_jpeg_load_raw of the component File Handler. The manipulation results in improper validation of array index. This vulnerability is reported as CVE-2026-21413. The attack can be launched remotely. No exploit exists. Applying a patch is advised to resolve this issue.

A vulnerability marked as critical has been reported in LibRaw d20315b. Affected by this vulnerability is the function x3f_thumb_loader of the component File Handler. The manipulation leads to integer overflow. This vulnerability is documented as CVE-2026-20889. The attack can be initiated remotely. There is not any exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability labeled as critical has been found in LibRaw 0b56545/d20315b. Affected is the function HuffTable::initval of the component File Handler. Executing a manipulation can lead to incorrect calculation of buffer size. This vulnerability is registered as CVE-2026-20911. It is possible to launch the attack remotely. No exploit is available. It is best practice to apply a patch to resolve this issue.

A vulnerability identified as problematic has been detected in LibRaw. This impacts the function deflate_dng_load_raw of the component File Handler. Performing a manipulation results in integer overflow. This vulnerability is cataloged as CVE-2026-20884. It is possible to initiate the attack remotely. There is no exploit available. Applying a patch is the recommended action to fix this issue.

As AI dominated RSAC 2026, CISOs and industry leaders debated its role in security, from agentic applications to the challenges of scaling human involvement in decision-making.

Список 11 стран, набравших максимум баллов.

A panel of five C-suite leaders discuss how cybersecurity success is measured and why it isn't improving results.

A vulnerability, which was classified as problematic, has been found in Ilias Gomatos Affiliate Platform Plugin up to 1.4.8 on WordPress. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in cross site scripting. This vulnerability is identified as CVE-2024-49645. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as problematic has been identified in AmaderCode Lab ACL Floating Cart for WooCommerce Plugin up to 0.9 on WordPress. This vulnerability affects unknown code. Executing a manipulation can lead to cross site scripting. This vulnerability is handled as CVE-2024-49640. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as problematic, has been found in weDevs WP ERP Plugin up to 1.13.2 on WordPress. The affected element is an unknown function. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2024-47640. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Coral Web Design CWD 3D Image Gallery Plugin up to 1.0 on WordPress and classified as problematic. This affects an unknown function. Performing a manipulation results in cross site scripting. This vulnerability is identified as CVE-2024-49632. The attack can be initiated remotely. There is not any exploit available.

A vulnerability was found in Rimon Habib BP Member Type Manager Plugin up to 1.01 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2024-49634. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Edward Stoever Monitor.chat Plugin up to 1.1.1 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2024-49639. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic was found in HM Plugin Stripe Donation and Payment Plugin up to 3.2.3 on WordPress. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to missing authorization. This vulnerability is handled as CVE-2024-50459. The attack can be executed remotely. There is not any exploit available.

Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap. [...]