ZDI-26-315: Apple macOS USD Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library... 13/05/2026 Zero-Day Initiative
ZDI-26-314: Apple macOS USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library... 13/05/2026 Zero-Day Initiative
ZDI-26-313: Apple Safari Regular Expression Duplicate Named Groups Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to... 13/05/2026 Zero-Day Initiative
ZDI-26-312: Apple Safari Web Inspector WebCore Style Resolver Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to... 13/05/2026 Zero-Day Initiative
ZDI-26-311: Apple macOS CoreSymbolication Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreSymbolication framework... 13/05/2026 Zero-Day Initiative
ZDI-26-310: Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 13/05/2026 Zero-Day Initiative
ZDI-26-309: Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows that run Message Queueing. An attacker... 13/05/2026 Zero-Day Initiative
ZDI-26-308: Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. Although authentication is required... 13/05/2026 Zero-Day Initiative
Ollama Heap Out-of-bounds Read Vulnerability Leads to Remote Process Memory Leak (CVE-2026-7482) Threat researchers have identified a critical severity vulnerability impacting Ollama. Tracked as CVE-2026-7482, successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to... 12/05/2026 Qualys-Threat-Protect
Ivanti Endpoint Manager Mobile Vulnerability Exploited in the Wild (CVE-2026-6973) Ivanti released security updates to address five high-severity vulnerabilities impacting Endpoint Manager Mobile (EPMM). One of these vulnerabilities, tracked as CVE-202606973, is said to be exploited in zero-day attacks.... 08/05/2026 Qualys-Threat-Protect
