Heap Buffer Overflow Archives • Daily CyberSecurity

New 7-Zip Heap Buffer Overflow Disclosed with Public PoC 7-Zip heap buffer overflow CVE-2025-0411 7-Zip path traversal

New 7-Zip Heap Buffer Overflow Disclosed with Public PoC

Do Son May 26, 2026

Security researchers have uncovered a critical security flaw in the popular file archiver 7-Zip. Specifically, this 7-Zip...

Critical 9.2 CVSS: NGINX JavaScript Module Flaw (CVE-2026-8711) Triggers Heap Buffer Overflows NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

Critical 9.2 CVSS: NGINX JavaScript Module Flaw (CVE-2026-8711) Triggers Heap Buffer Overflows

Do Son May 20, 2026

F5 has issued a critical security advisory warning administrators about a severe vulnerability lurking within the NGINX...

NGINX Rift: Critical 18-Year-Old Flaw CVE-2026-42945 Actively Exploited to Crash Servers NGINX Rift CVE-2026-42945

NGINX Rift: Critical 18-Year-Old Flaw CVE-2026-42945 Actively Exploited to Crash Servers

Do Son May 19, 2026

The renowned open-source reverse proxy server, NGINX, has disclosed a critical security vulnerability designated as CVE-2026-42945, garnering...

PoC Exploit Publicly Disclosed: 20-Year-Old PostgreSQL pgcrypto Flaw (CVE-2026-2005) Grants Full Superuser RCE PostgreSQL pgcrypto PoC Exploit CVE-2026-2005 Public Disclosure

PostgreSQL pgcrypto PoC Exploit CVE-2026-2005 Public Disclosure

PoC Exploit Publicly Disclosed: 20-Year-Old PostgreSQL pgcrypto Flaw (CVE-2026-2005) Grants Full Superuser RCE

Do Son May 19, 2026

A critical heap buffer overflow vulnerability lurking in PostgreSQL’s core cryptographic extension for over two decades has...

Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed NGINX RCE Vulnerability CVE-2026-42945 PoC

Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed

Do Son May 14, 2026

Security researcher Zhenpeng (Leo) Lin of depthfirst has unveiled a critical, 18-year-old vulnerability lurking within NGINX. The...

Chrome 147 Update: Google Patches Critical $90,000 ANGLE Flaw and 30 Other Security Gaps Chrome Security Update $90K Bug Bounty

Chrome 147 Update: Google Patches Critical $90,000 ANGLE Flaw and 30 Other Security Gaps

Do Son April 16, 2026

Google has begun rolling out a high-stakes update for the Chrome stable channel, addressing a total of...

Critical—9 Vulnerabilities in Orthanc DICOM Servers Threaten Medical Data Integrity CVE-2025-2263 Orthanc Security DICOM Vulnerabilities

Critical—9 Vulnerabilities in Orthanc DICOM Servers Threaten Medical Data Integrity

Do Son April 14, 2026

A series of critical security flaws has been uncovered in Orthanc, the popular open-source “lightweight Digital Imaging...

The $86,000 Patch: Chrome 147 Crushes “Critical” WebML Memory Flaws Chrome 147 Security WebML Vulnerabilities

The $86,000 Patch: Chrome 147 Crushes “Critical” WebML Memory Flaws

Do Son April 9, 2026

The Google Chrome team has officially promoted Chrome 147 to the stable channel for Windows, Mac, and...

Chrome 146 Arrives with 29 Security Fixes: Critical WebML Flaw Discovered Chrome 146 Security CVE-2026-3913

Chrome 146 Arrives with 29 Security Fixes: Critical WebML Flaw Discovered

Do Son March 12, 2026

Google has officially promoted Chrome 146 to the stable channel for Windows, Mac, and Linux, kicking off...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Urgent Chrome Patch: Google Fixes High-Severity PDF and V8 Engine Flaws

Do Son February 19, 2026

Google has initiated an urgent rollout for the Chrome Stable channel, delivering a crucial update to patch...

30-Year-Old Bug: High-Severity libpng Flaw (CVSS 8.3) Exposes Millions of Apps libpng Vulnerability CVE-2026-25646 libpng Vulnerability Remote Code Execution (RCE)

libpng Vulnerability CVE-2026-25646 libpng Vulnerability Remote Code Execution (RCE)

30-Year-Old Bug: High-Severity libpng Flaw (CVSS 8.3) Exposes Millions of Apps

Do Son February 10, 2026

A high-severity vulnerability has been unearthed in libpng, the official and ubiquitous reference library for handling PNG...

Chrome 144 Security Alert: V8 & Libvpx Flaws Expose Systems to Hacks

Do Son February 4, 2026

The Stable channel for desktop users has just received a crucial security update, patching two high-severity vulnerabilities...

ImageMagick Alert (CVE-2026-23876): “XBM” Image Uploads Trigger Massive Heap Overflow ImageMagick Vulnerability CVE-2026-23876 ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Alert (CVE-2026-23876): “XBM” Image Uploads Trigger Massive Heap Overflow

Do Son January 21, 2026

A new high-severity vulnerability has been discovered in ImageMagick, the ubiquitous image processing library powering everything from...

Exim’s Poisoned Record: How a Failed Patch and SQL Injection Lead to Critical Heap Overflows CVE-2025-26794 Exim SQL Injection, Heap Buffer Overflow

CVE-2025-26794 Exim SQL Injection, Heap Buffer Overflow

Exim’s Poisoned Record: How a Failed Patch and SQL Injection Lead to Critical Heap Overflows

Do Son December 22, 2025

A new security advisory has revealed significant cracks in the armor of Exim, one of the world’s...

Critical strongSwan Heap Overflow in EAP-MSCHAPv2 Plugin Allows Remote Code Execution CVE-2025-62291 strongSwan Heap Overflow

Critical strongSwan Heap Overflow in EAP-MSCHAPv2 Plugin Allows Remote Code Execution

Do Son October 29, 2025

The strongSwan Team has disclosed a critical heap-based buffer overflow vulnerability (CVE-2025-62291) in the EAP-MSCHAPv2 plugin used...

OpenWrt Patches ubusd RCE Flaw (CVE-2025-62526) and Kernel Memory Leak (CVE-2025-62525) in DSL Driver OpenWrt Ubusd RCE, Kernel Memory Leak

OpenWrt Patches ubusd RCE Flaw (CVE-2025-62526) and Kernel Memory Leak (CVE-2025-62525) in DSL Driver

Do Son October 27, 2025

The OpenWrt Project has patched two high-severity vulnerabilities affecting its Linux-based firmware for embedded devices. The flaws,...

Chrome 141 Stable Fixes Two High-Severity Flaws: Heap Overflow in Sync and UAF in Storage

Do Son October 8, 2025

Google has released a new Stable Channel update for Chrome 141.0.7390.65/.66 on Windows and macOS and 141.0.7390.65...

Critical Squid Vulnerability (CVE-2025-54574) Allows Remote Code Execution & Data Leakage CVE-2024-45802 Squid Vulnerability, Remote Code Execution CVE-2025-54574

CVE-2024-45802 Squid Vulnerability, Remote Code Execution CVE-2025-54574

Critical Squid Vulnerability (CVE-2025-54574) Allows Remote Code Execution & Data Leakage

Do Son August 4, 2025

The Squid Project has issued an urgent advisory for CVE-2025-54574 (CVSS 9.3), a heap buffer overflow bug...

Electron Flaws: ASAR Bypass & Buffer Overflow Threaten Desktop Apps Electron Security Sandbox Escape Electron Vulnerabilities, Desktop App Security

Electron Security Sandbox Escape Electron Vulnerabilities, Desktop App Security

Electron Flaws: ASAR Bypass & Buffer Overflow Threaten Desktop Apps

Do Son July 1, 2025

The Electron team has published a new security advisory addressing two significant vulnerabilities that could impact a...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Critical Chrome Security Update: Patch CVE-2025-3619 & CVE-2025-3620 Now!

Do Son April 16, 2025

Google has released a critical security update for its Chrome browser, pushing version 135.0.7049.95/.96 to the Stable...

Critical Alert