Latest CVE Vulnerabilities

7.8 HIGH

CVE-2026-47908 — Dreamweaver Desktop | Access of Uninitialized Pointer (CWE-824)

Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploi…

| Memory Corruption

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

8.2 HIGH

CVE-2026-47907 — Dreamweaver Desktop | Improper Access Control (CWE-284)

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to a…

| Path Traversal

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

8.6 HIGH

CVE-2026-47906 — Dreamweaver Desktop | Dependency on Vulnerable Third-Party Component (CWE-1395)

Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the curren…

| Supply Chain

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

5.4 MEDIUM

CVE-2026-47106 — Ellucian Banner Self-Service Stored XSS via getFacultyMeetingTimes API

Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP user…

Remote | Cross-Site Scripting

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

7.8 HIGH

CVE-2026-34710 — Substance3D - Sampler | Out-of-bounds Write (CWE-787)

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…

| Memory Corruption

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

7.8 HIGH

CVE-2026-34709 — Substance3D - Sampler | Out-of-bounds Write (CWE-787)

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…

| Memory Corruption

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

6.1 MEDIUM

CVE-2026-32856 — Ellucian Banner Self-Service Reflected XSS via dateConverter

Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in …

Remote | Cross-Site Scripting

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

8.5 HIGH

CVE-2026-11824 — SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted…

| Memory Corruption

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

8.5 HIGH

CVE-2026-11822 — SQLite before 3.53.2 Memory Corruption in FTS5 Extension

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by…

| Memory Corruption

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

7.4 HIGH

CVE-2026-47937 — Acrobat Reader | Uncontrolled Search Path Element (CWE-427)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the cu…

acrobat_reader | Path Traversal

Jun 09, 2026 Jun 09, 2026

Jun 09, 2026

7.8 HIGH

CVE-2026-47916 — Acrobat Reader | Use After Free (CWE-416)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…