ZDI-26-163: GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... 07/03/2026 Zero-Day Initiative
ZDI-26-162: GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... 07/03/2026 Zero-Day Initiative
ZDI-26-161: GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... 07/03/2026 Zero-Day Initiative
ZDI-26-160: (Pwn2Own) Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required... 07/03/2026 Zero-Day Initiative
ZDI-26-159: (Pwn2Own) Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required... 07/03/2026 Zero-Day Initiative
ZDI-26-158: (Pwn2Own) Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required... 07/03/2026 Zero-Day Initiative
ZDI-26-157: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to... 07/03/2026 Zero-Day Initiative
ZDI-26-156: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to... 07/03/2026 Zero-Day Initiative
Cisco Patches Secure Firewall Management Center Software Vulnerabilities (CVE-2026-20079 & CVE-2026-20131) Cisco released security updates to address two critical-severity vulnerabilities impacting the Secure Firewall Management Center Software. Successful exploitation of the vulnerabilities may lead to code execution. Cisco... 06/03/2026 Qualys-Threat-Protect
VMware Aria Operations Vulnerability Added to CISA Known Exploited Vulnerabilities Catalog (CVE-2026-22719) CISA warns users about an actively exploited vulnerability in VMware Aria Operations by adding it to its Known Exploited Vulnerabilities Catalog. Tracked as CVE-2026-22719, CISA... 04/03/2026 Qualys-Threat-Protect
