Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.8 CVE-2026-56377

ImageMagick – Policy Bypass via Incorrect Path Validation_CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. R...

ImageMagick ImageMagick CVE
MEDIUM 6.3 CVE-2026-56369

ImageMagick – Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage_CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attacke...

ImageMagick ImageMagick CVE
MEDIUM 6.3 CVE-2026-56365

ImageMagick – Memory Leak in PNG Encoder via MNG Image Writing_CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder fail...

ImageMagick ImageMagick CVE
LOW 1.8 CVE-2026-56364

ImageMagick – Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML_CVE-2026-56364

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profi...

ImageMagick ImageMagick CVE
MEDIUM 4.8 CVE-2026-56363

ImageMagick – Division by Zero in Binomial Kernel Processing_CVE-2026-56363

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of servic...

ImageMagick ImageMagick CVE
MEDIUM 4.8 CVE-2026-56361

ImageMagick – Heap Buffer Overflow via Off-by-One in Morphology Processing_CVE-2026-56361

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger h...

ImageMagick ImageMagick CVE
MEDIUM 5.1 CVE-2026-56356

n8n – Stored Cross-Site Scripting in Chat Trigger Node Custom CSS Field_CVE-2026-56356

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html...

n8n n8n CVE
MEDIUM 6 CVE-2026-56350

n8n – SSO Enforcement Bypass via API_CVE-2026-56350

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attac...

n8n n8n CVE
MEDIUM 5.3 CVE-2026-56334

Capgo – Missing UPDATE RLS Policy for Build Status Persistence_CVE-2026-56334

Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table, preventing API-key and anonymous access from persisti...

Capgo Capgo CVE
MEDIUM 5.3 CVE-2026-56333

Capgo – Server-Side Validation Bypass via Direct Browser-Side Organization Security Settings Updates_CVE-2026-56333

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins...

Capgo Capgo CVE