Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 10 March 2026
RSS658 vulnerabilities published on 10 March 2026
Severity:
Missing Bounds Check in [Software Name] Allows Local Privilege Escalation
PUB-A-308585798
CVE-2026-0124
There is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution p...
10.0
Adobe DNG SDK versions 1.7.1 2471 and earlier: Malicious File Execution
CVE-2026-27280
DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the cont...
7.8
Substance3D Stager versions 3.1.7 and earlier allow malicious files to harm your computer
CVE-2026-27279
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in ...
7.8
Substance3D Stager versions 3.1.7 and earlier allow malicious file execution
CVE-2026-27277
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the co...
7.8
Substance3D Stager versions 3.1.7 and earlier allow malicious file execution
CVE-2026-27276
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the co...
7.8
Substance3D Stager: Opening Malicious Files Can Execute Unauthorized Code
CVE-2026-27275
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in ...
7.8
Substance3D Stager versions 3.1.7 and earlier allow malicious files to run code on your computer.
CVE-2026-27274
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in ...
7.8
Substance3D Stager - Malicious File Can Execute Code as You
CVE-2026-27273
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in ...
7.8
Adobe Premiere Pro versions 25.5 and earlier: Malicious file can steal data or take control
CVE-2026-27269
Premiere Pro versions 25.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read p...
7.8
Windows .NET Allows Unauthorized Local Privilege Escalation
GHSA-387c-qmrw-59qv
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-crjq-wm6x-6qx7. This link is maintained to preserve external...
7.8
Ivanti DSM Privilege Escalation Risk: Local Authenticated Attackers
CVE-2026-3483
An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated attacker to escalate their privileges....
7.8
iccDEV Color Management Software Can Crash or Be Hacked
CVE-2026-31796
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow i...
7.8
iccDEV libraries and tools crash or corrupt data
CVE-2026-31795
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow write ...
7.8
iccDEV Color Management Software Crashes or Fails with Invalid Data
CVE-2026-31792
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a null pointer dereference in ...
7.8
iccDEV color management tool crashes or becomes unstable
CVE-2026-30987
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in CIc...
7.8
iccDEV Color Management Libraries Exposed to Memory Corruption
CVE-2026-30985
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow w...
7.8
iccDEV Color Management Software Can Crash or Be Hacked
CVE-2026-30983
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in icF...
7.8
iccDEV: Uncontrolled Memory Growth Crashes Color Management Software
CVE-2026-30979
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow i...
7.8
iccDEV Color Management Tools Crash on Certain Input
CVE-2026-30978
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-use-after-free in CIccC...
7.8
SpaceSniffer v.2.0.5.18: Malicious File Can Execute Unauthorized Code
CVE-2026-26738
Buffer Overflow vulnerability in Uderzo Software SpaceSniffer v.2.0.5.18 allows a remote attacker to execute arbitrary code via a crafted .sns snapsho...
7.8
Azure Arc: Authorized access can be used to gain local admin rights
CVE-2026-26141
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally....
7.8
Microsoft Office Privilege Elevation Vulnerability
CVE-2026-26134
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally....
7.8
Windows Kernel Privilege Elevation via Authorized Access
CVE-2026-26132
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally....
7.8
Windows SMB Server Allows Local Privilege Escalation
CVE-2026-26128
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally....
7.8
Azure Windows Virtual Machine Agent Privilege Escalation
CVE-2026-26117
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges lo...
7.8