|
21
|
7.8 |
HIGH
Local
|
microsoft
|
pc_manager
|
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-50512
|
2026-06-16 03:22 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The WP MAPS PRO WordPress plugin before 6.1.1 registers an unauthenticated AJAX action which, given a valid nonce that is publicly emitted on any frontend page enqueuing its map script, unconditional…
New
|
-
|
CVE-2026-8935
|
2026-06-16 03:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that…
New
|
-
|
CVE-2026-8386
|
2026-06-16 03:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
- |
|
-
|
-
|
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The import…
New
|
CWE-787
CWE-843
Out-of-bounds Write
Type Confusion
|
CVE-2026-8358
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
- |
|
-
|
-
|
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting dep…
New
|
CWE-193
CWE-787
Off-by-one Error
Out-of-bounds Write
|
CVE-2026-8357
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
- |
|
-
|
-
|
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the fil…
New
|
CWE-121
CWE-787
Stack-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-8356
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
- |
|
-
|
-
|
LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one typ…
New
|
CWE-787
CWE-843
Out-of-bounds Write
Type Confusion
|
CVE-2026-6047
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
- |
|
-
|
-
|
LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the f…
New
|
CWE-190
CWE-787
Integer Overflow or Wraparound
Out-of-bounds Write
|
CVE-2026-6045
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
- |
|
-
|
-
|
A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, …
New
|
CWE-416
CWE-787
Use After Free
Out-of-bounds Write
|
CVE-2026-6040
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
- |
|
-
|
-
|
LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit val…
New
|
CWE-197
CWE-787
Numeric Truncation Error
Out-of-bounds Write
|
CVE-2026-6039
|
2026-06-16 03:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
