ZDI-26-360: MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability 12/06/2026
ZDI-26-358: Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability 12/06/2026
ZDI-26-360: MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of MATE Desktop Atril Document Viewer. User interaction... 12/06/2026 Zero-Day Initiative
ZDI-26-359: Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung rlottie. Interaction with the rlottie library... 12/06/2026 Zero-Day Initiative
ZDI-26-358: Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit... 12/06/2026 Zero-Day Initiative
ZDI-26-357: Allegra exportReport Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this... 12/06/2026 Zero-Day Initiative
ZDI-26-356: Apache HTTP Server mod_proxy_ajp Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache HTTP Server. An attacker must first... 12/06/2026 Zero-Day Initiative
ZDI-26-355: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is... 11/06/2026 Zero-Day Initiative
CVE-2026-50751 — Defending Against the Check Point IKEv1 VPN Authentication Bypass Summary CVE-2026-50751 is an actively exploited authentication-bypass vulnerability in Check Point remote-access VPN — not a generic perimeter flaw. Disclosed by... 11/06/2026 Qualys-Threat-Protect
Microsoft Patch Tuesday, June 2026 Security Update Review Every Patch Tuesday presents a race between defenders applying fixes and attackers seeking opportunities. Microsoft’s June 2026 release is no exception,... 10/06/2026 Qualys-Threat-Protect
Google Zero-day Vulnerability Exploited in the Wild (CVE-2026-11645) Google released security updates to address a large number of vulnerabilities impacting the Chrome browser. Tracked as CVE-2026-11645, this is an out-of-bounds memory access vulnerability in the V8... 10/06/2026 Qualys-Threat-Protect
ZDI-26-354: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is... 10/06/2026 Zero-Day Initiative
