Latest CVE Feed
-
7.8
HIGHCVE-2025-47397
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sd_8_gen1_5g_firmware +284 more products- Published: Feb. 02, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47358
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.... Read more
- Published: Feb. 02, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-21334
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more
Affected Products : substance_3d_designer- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-25584
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum<>::GetValues(). This i... Read more
Affected Products : iccdev- Published: Feb. 04, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-21321
After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-21323
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a mali... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-0536
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more
Affected Products : 3ds_max- Published: Feb. 04, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-22277
Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, lead... Read more
Affected Products :- Published: Jan. 30, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-15311
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.... Read more
- Published: Feb. 05, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2026-21326
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a mali... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-21328
After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open ... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-21329
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a mali... Read more
- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-20616
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termi... Read more
- Published: Feb. 11, 2026
- Modified: Feb. 17, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-20658
A package validation issue was addressed by blocking the vulnerable package. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Authorization
-
7.8
HIGHCVE-2026-21335
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more
Affected Products : substance_3d_designer- Published: Feb. 10, 2026
- Modified: Feb. 11, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-20614
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to gain root privileges.... Read more
Affected Products : macos- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Path Traversal
-
7.8
HIGHCVE-2026-25931
vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings._determineIsTrusted treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. The value defaults to true... Read more
Affected Products :- Published: Feb. 09, 2026
- Modified: Feb. 10, 2026
- Vuln Type: Misconfiguration
-
7.8
HIGHCVE-2026-0659
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current pro... Read more
- Published: Feb. 04, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2026-20700
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary co... Read more
- Actively Exploited
- Published: Feb. 11, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-62348
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process.... Read more
Affected Products : salt- Published: Jan. 30, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Injection