CVE-2026-61455: Improper Handling of Highly Compressed Data (Data Amplification) in getgrav grav
Grav versions before 2.0.1 have a decompression bomb vulnerability in the ZipArchiver::extract() function. This vulnerability arises because the function does not limit the uncompressed size, file…
Read the full articleYou might also wanna read
Critical 7-Zip vulnerability (CVE-8.8) enables code execution via crafted archive files; update to version 26.01 urged
Everyone, get your update hats on immediately; we're at DEFCON 1
Analysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002
A recently disclosed 7-Zip vulnerability allows malicious actors to execute code remotely through specially crafted ZIP files

NVD - CVE-2025-9033
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code

CVE-2025-9032: Heap Buffer Out-of-Bounds Read Vulnerability in Avira Antivirus Engine
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution o
Analysis of CVE-2026-4020: Coordinated Google Cloud Fleet Exploiting Gravity SMTP WordPress Vulnerability
Almost every IP we logged exploiting the Gravity SMTP credential bug shares one HTTP fingerprint. Behind it is a Google Cloud fleet of thous
Technical Analysis: Critical Weaknesses in xz Compressed Data Format Design
One of the challenges of digital preservation is the evaluation of data formats. It is important to choose well-designed data formats for ge

Comments
Sign in to join the conversation.
No comments yet. Be the first.