Security Vulnerabilities
Memory corruption when accessing an output buffer without validating its size during IOCTL processing.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2026-04-06

Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
CVSS Score: 8.8 | EPSS Score: 0.0 | Published: 2026-04-06

Cryptographic issue while copying data to a destination buffer without validating its size.
CVSS Score: 7.1 | EPSS Score: 0.0 | Published: 2026-04-06

Memory corruption when accessing freed memory due to concurrent fence deregistration and signal handling.
CVSS Score: 6.5 | EPSS Score: 0.0 | Published: 2026-04-06

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2026-04-06

Memory corruption while preprocessing IOCTL request in JPEG driver.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2026-04-06

Memory corruption while processing a frame request from user.
CVSS Score: 7.8 | EPSS Score: 0.0 | Published: 2026-04-06

Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite system files and privileged binaries, achieving full system compromise. Twitch Studio was discontinued in May 2024.
CVSS Score: 8.5 | EPSS Score: 0.0 | Published: 2026-04-06

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. It affects the functions executeOnReception/executeOnEndOfStudy in the file dcmnet/apps/storescp.cc of the component storescp. Manipulation of the input results in OS command injection. The attack can be carried out remotely. The patch is named edbb085e45788dccaf0e64d71534cfca925784b8. Applying the patch is the recommended fix for this issue.
CVSS Score: 6.9 | EPSS Score: 0.004 | Published: 2026-04-06

Homarr is an open-source dashboard. Prior to 1.57.0, the user registration endpoint (/api/trpc/user.register) is vulnerable to a race condition that allows an attacker to create multiple user accounts from a single-use invite token. The registration flow performs three sequential database operations without a transaction: (1) CHECK, (2) CREATE, and (3) DELETE. Because these operations are not atomic, concurrent requests can all pass the validation step (1) before any of them reaches the deletion step (3). This allows multiple accounts to be registered using a single invite token that was intended to be single-use. This vulnerability is fixed in 1.57.0.
CVSS Score: 4.2 | EPSS Score: 0.0 | Published: 2026-04-06