Posts of last 24 hours
A vulnerability was found in GStreamer. It has been declared as problematic. This affects the function gst_av1_parser_parse_tile_list_obu of the component AV1 Codec Parser. Executing a manipulation can lead to reachable assertion.
This vulnerability is registered as CVE-2026-52718. It is possible to launch the attack remotely. No exploit is available.
https://vuldb.com/vuln/371231
A vulnerability was found in FasterXML jackson-databind up to 2.21.3/3.1.3. It has been declared as critical. Impacted is the function UnwrappedPropertyHandler.processUnwrappedCreatorProperties. The manipulation results in incorrect authorization.
This vulnerability is reported as CVE-2026-54518. The attack can be launched remotely. No exploit exists.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373093
A vulnerability classified as problematic has been found in FasterXML jackson-databind up to 2.18.8/2.21.4/3.1.3. Affected by this issue is the function BeanDeserializerBase.createContextual. This manipulation causes dynamically-determined object attributes.
The identification of this vulnerability is CVE-2026-54515. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373100
A vulnerability classified as problematic was found in FasterXML jackson-databind up to 2.21.3/3.1.3. This affects the function POJOPropertiesCollector._renameProperties. Such manipulation of the argument backing leads to dynamically-determined object attributes.
This vulnerability is referenced as CVE-2026-54516. It is possible to launch the attack remotely. No exploit is available.
Upgrading the affected component is advised.
https://vuldb.com/vuln/373101
A vulnerability, which was classified as problematic, has been found in FasterXML jackson-databind up to 2.21.3/3.1.3. This vulnerability affects the function SetterlessProperty.isMerging. Performing a manipulation results in incorrect authorization.
This vulnerability is identified as CVE-2026-54517. The attack can be initiated remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/373102
A vulnerability marked as critical has been reported in FasterXML jackson-databind up to 2.18.7/2.21.3/3.1.3. This vulnerability affects the function BasicPolymorphicTypeValidator.Builder.allowIfSubTypeIsArray. The manipulation of the argument EvilType[] leads to incomplete blacklist.
This vulnerability is listed as CVE-2026-54513. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
https://vuldb.com/vuln/373014
A vulnerability described as critical has been identified in FasterXML jackson-databind up to 2.18.7/2.21.3/3.1.3. Affected is an unknown function. Executing a manipulation can lead to incomplete blacklist.
This vulnerability is tracked as CVE-2026-54512. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/373043
A vulnerability classified as critical has been found in FasterXML jackson-databind up to 2.18.7/2.21.3/3.1.3. Affected by this vulnerability is an unknown functionality. The manipulation of the argument InetSocketAddress leads to server-side request forgery.
This vulnerability is listed as CVE-2026-54514. The attack may be initiated remotely. There is no available exploit.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373044
A vulnerability described as problematic has been identified in FasterXML jackson-databind up to 2.13.x. This issue affects the function ObjectMapper.readTree. The manipulation results in resource consumption.
This vulnerability is cataloged as CVE-2026-50193. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/373015
A vulnerability marked as critical has been reported in Red Hat Enterprise Linux and OpenShift Container Platform. This vulnerability affects unknown code. Performing a manipulation results in heap-based buffer overflow.
This vulnerability is known as CVE-2026-12725. Remote exploitation of the attack is possible. No exploit is available.
https://vuldb.com/vuln/372706