Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 10 March 2026
RSS661 vulnerabilities published on 10 March 2026
Severity:
Microsoft Authenticator: Unauthorized Local Information Disclosure
CVE-2026-26123
Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally....
5.5
Adobe DNG SDK Crash Vulnerability through Malicious File
CVE-2026-27281
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-servi...
5.5
Substance3D Painter versions 11.1.2 and earlier: Attacker can access sensitive data
CVE-2026-27219
Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker ...
5.5
Substance3D Painter Crashes if Opened with Malicious File
CVE-2026-27218
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-se...
5.5
Substance3D Painter versions 11.1.2 and earlier can crash if opened with a malicious file
CVE-2026-27217
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-se...
5.5
Substance3D Painter versions 11.1.2 and earlier: Malicious file can access sensitive data
CVE-2026-27216
Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker ...
5.5
Substance3D - Painter versions 11.1.2 and earlier can crash from a malicious file
CVE-2026-27215
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-se...
5.5
Substance3D Painter versions 11.1.2 and earlier may crash when opening a malicious file
CVE-2026-27214
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-se...
5.5
Substance3D Painter versions 11.1.2 and earlier: Memory Exposure through Malicious Files
CVE-2026-21365
Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker ...
5.5
Substance3D Painter: Application Can Crash with Exploited File
CVE-2026-21364
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-se...
5.5
Substance3D Painter Crashes if You Open a Malicious File
CVE-2026-21363
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-se...
5.5
iccDEV color management software may crash due to faulty color processing
CVE-2026-31794
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from inva...
5.5
iccDEV ICC Color Management Tool Crashes System
CVE-2026-31793
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault due to in...
5.5
iccDEV Library Crashes or Corrupts Data Due to Memory Error
CVE-2026-30986
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow w...
5.5
iccDEV Color Management Software Crashes Due to Uncontrolled Recursion
CVE-2026-30980
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack overflow in CIccBasicS...
5.5
SICAM SIAPP SDK crashes when receiving overly long input
CVE-2026-25572
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length c...
5.9
SICAM SIAPP SDK Crashes with Oversized Input
CVE-2026-25571
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK client component does not enforce maximum length c...
5.9
Windows Accessibility Service Exposes Sensitive Local Information
CVE-2026-25186
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to dis...
5.5
Microsoft Graphics Component Can Leverage Local Data Exposure
CVE-2026-25180
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally....
5.5
Microsoft Graphics Component allows local service denial
CVE-2026-25169
Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally....
5.5
Microsoft Graphics Component: Local Denial of Service
CVE-2026-25168
Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally....
5.5
Microsoft Windows Push Message Routing Service Information Leak
CVE-2026-24282
Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally....
5.5
i-フィルター Products Allow Unauthorized File Access
CVE-2026-28267
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or...
6.8
IBM Aspera Orchestrator allows attackers to hijack sessions
CVE-2025-13213
IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This c...
5.4
GitHub Enterprise Server allows script injection via task list content
CVE-2026-2266
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed DOM-based cross-site scripting via task list...
7.4