CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2026-40918 – Gimp: gimp: denial of service via crafted pvr image file
https://notcve.org/view.php?id=CVE-2026-40918
15 Apr 2026 — A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted PVR image files are affected. • https://access.redhat.com/security/cve/CVE-2026-40918 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2026-40917 – Gimp: gimp: application crashes or information disclosure via crafted icns image files
https://notcve.org/view.php?id=CVE-2026-40917
15 Apr 2026 — A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process such files. • https://access.redhat.com/security/cve/CVE-2026-40917 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2026-40916 – Gimp: gimp: denial of service due to stack buffer overflow in tim image loader
https://notcve.org/view.php?id=CVE-2026-40916
15 Apr 2026 — A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a variable-length array. • https://access.redhat.com/security/cve/CVE-2026-40916 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2026-40915 – Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader
https://notcve.org/view.php?id=CVE-2026-40915
15 Apr 2026 — A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when processing pixel data. Successful exploitation could result in a denial of service (DoS) or potentially arbitrary code execution. • https://access.redhat.com/security/cve/CVE-2026-40915 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 1CVE-2026-5119 – Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
https://notcve.org/view.php?id=CVE-2026-5119
30 Mar 2026 — A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation. Se encontró una vulnerabilidad en libsoup. Al establecer túneles HTTPS a través de un proxy HTTP configurado, las cookies de sesión sensibles se transmiten en texto claro dent... • https://access.redhat.com/security/cve/CVE-2026-5119 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0CVE-2026-28369 – Undertow: undertow: request smuggling via malformed http request headers
https://notcve.org/view.php?id=CVE-2026-28369
27 Mar 2026 — A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate web caches, potentially leading to unauthorized actions or data exposure. • https://access.redhat.com/security/cve/CVE-2026-28369 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0CVE-2026-28368 – Undertow: undertow: request smuggling via inconsistent header parsing
https://notcve.org/view.php?id=CVE-2026-28368
27 Mar 2026 — A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources. • https://access.redhat.com/security/cve/CVE-2026-28368 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2026-0965 – Libssh: libssh: denial of service via improper configuration file handling
https://notcve.org/view.php?id=CVE-2026-0965
26 Mar 2026 — A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations. Se encontró una falla en libssh donde puede intentar abrir archivos arbitrarios durante el anális... • https://access.redhat.com/security/cve/CVE-2026-0965 • CWE-73: External Control of File Name or Path •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2026-0967 – Libssh: libssh: denial of service via inefficient regular expression processing
https://notcve.org/view.php?id=CVE-2026-0967
26 Mar 2026 — A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client. Se encontró una vulnerabilidad en libssh. Un atacante remoto, al controlar los archivos de configuración del cliente o los archivos known_hosts, podría cre... • https://access.redhat.com/security/cve/CVE-2026-0967 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2026-3121 – Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission
https://notcve.org/view.php?id=CVE-2026-3121
26 Mar 2026 — A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level. Se encontró un fallo en Keycloak. • https://access.redhat.com/errata/RHSA-2026:6477 • CWE-266: Incorrect Privilege Assignment •