CVE Vulnerabilities - 2 April 2026

An attacker can join Juju's database cluster without a password, gaining access to sensitive data. This means an attacker could potentially steal or modify Juju's internal data. To address this, updat...

The HCL BigFix Platform uses private cryptographic keys on Windows machines. If these keys have overly permissive permissions, unauthorized users may access them, potentially compromising sensitive da...

A security flaw in the stb library, used in audio processing, allows a remote attacker to write to memory, potentially causing unexpected behavior or crashes. This affects users who rely on stb for au...

Authenticated users can add malicious JavaScript code to the IBM Content Navigator website, potentially allowing them to access sensitive information. This could happen even when a user is already log...

Nothings stb Vorbis library, used in various applications, has a vulnerability that could allow an attacker to cause the system to run out of resources, potentially leading to a denial of service. Thi...

A security issue in Nothings stb version 1.26 and earlier can allow an attacker to access sensitive data from a TTF file remotely. This means that a malicious actor could potentially access confidenti...

The HCL BigFix Platform may allow users to access areas of the platform without properly verifying their identity. This could lead to malicious users accessing sensitive information or making unauthor...