Published threat advisories for May 27, 2026

A heap buffer overflow vulnerability in the libjxl library could permit attackers to access or alter data by providing specially crafted PBM images. This poses a business risk to organizations relying on the library for image processing, potentially leading to service disruption or data compromise.

NVD published: May 27, 2026

A buffer overflow vulnerability in IBM Aspera's network transfer component could allow unauthenticated attackers to cause denial of service, bypass authentication, or execute remote code, impacting service availability and integrity.

NVD published: May 27, 2026

IBM Langflow OSS versions 1.0.0 through 1.9.1 have a remote code execution flaw due to improper symbolic link validation during archive extraction. This could allow an attacker to execute unauthorized code on affected systems, creating a significant business risk.

NVD published: May 27, 2026

A buffer overflow vulnerability in Synology BeeStation OS allows remote attackers to execute arbitrary code. This could lead to unauthorized access and potential data compromise for affected organizations. The realistic business risk involves a breach of system integrity and confidentiality.

NVD published: May 27, 2026

A server-side request forgery vulnerability in GitHub Enterprise Server allows unauthenticated attackers to access internal services and potentially sensitive credentials. The issue stems from insufficient input validation in an upload endpoint, enabling attackers to redirect internal API calls. This presents a busines

NVD published: May 27, 2026