Security Vulnerabilities
Memory Corruption when retrieving output buffer with insufficient size validation.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-06
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-06
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-06
Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-04-06
Cryptographic issue while copying data to a destination buffer without validating its size.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-04-06
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-04-06
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-06
Memory corruption while preprocessing IOCTL request in JPEG driver.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-06
Memory corruption while processing a frame request from user.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-06
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite system files and privileged binaries, achieving full system compromise. Twitch Studio was discontinued in May 2024.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-04-06