Overview
- noir-lang
- noir
Description
Statistics
- 1 Post
Fediverse
🚩 CRITICAL: CVE-2026-41197 in noir-lang noir (<1.0.0-beta.19). Incorrect buffer allocation for nested arrays can corrupt Brillig VM heap. Memory safety risk! Upgrade to 1.0.0-beta.19+ ASAP. https://radar.offseq.com/threat/cve-2026-41197-cwe-131-incorrect-calculation-of-bu-282b810c #OffSeq #NoirLang #CVE202641197 #AppSec
Overview
- thexerteproject
- xerteonlinetoolkits
Description
Statistics
- 1 Post
Fediverse
⚠️ CRITICAL: xerteonlinetoolkits ≤3.15 has incomplete input validation in elFinder — .php4 files can be uploaded & executed, enabling unauth RCE. Restrict endpoint, monitor uploads, apply custom filters. Patch status unknown. CVE-2026-34415 https://radar.offseq.com/threat/cve-2026-34415-cwe-184-incomplete-list-of-disallow-f774ae94 #OffSeq #Vuln #RCE
Overview
- Siemens
- Solid Edge SE2025
Description
Statistics
- 2 Posts
Fediverse
Warning: CVE-2025-40739 (CWEs: ['CWE-125']) found no CAPEC relationships.
Warning: CVE-2025-40741 (CWEs: ['CWE-121']) found no CAPEC relationships.
Adobe’s 95% VaR is driven by CVE-2025-40739 and CVE-2025-40740. These are CWE-125 (Out-of-bounds Read) and CWE-121 (Stack-based Buffer Overflow) flaws. In a modern stack, these should be legacy ghosts.
Instead, they remain the primary drivers of execution mass. When combined with the P5 Execution vector of 1.44, it reveals that the Adobe consumer is still vulnerable to the most fundamental classes of memory corruption.
Artifacts:
1/2
Overview
- Siemens
- Solid Edge SE2025
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 1 Post
- 7 Interactions
Fediverse
I just asked Mozilla about this. Someone responded that internally found bugs like the 271 go into “roll-up” advisories, with each rollup providing a link to the bug list covered.
The 3 rollups are:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6784
https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6785
https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6786
When you look at these rollups they say that "Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code."
With no way of knowing how many vulnerabilities were truly severe and exploitable, I think Mozilla, like others gushing about LLM-assisted vuln finding, is denying us the data to assess the true value of Mythos.