These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
An Out-of-Bounds Read vulnerability exists in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior. The vulnerability is triggered when parsing a specially crafted VC6 file, potentially allowing an attacker to disclose information or execute arbitrary code. This vulnerability was disclosed by CISA on November 25, 2025, and subsequently updated on May 12, 2026 (Upd [truncated]
An out-of-bounds read vulnerability exists in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior. The flaw occurs during parsing of specially crafted VC6 files and may allow an attacker to disclose information or execute arbitrary code. The vulnerability was disclosed by CISA on November 25, 2025, with an update published on May 12, 2026, that revised affected p [truncated]
CVE-2025-65086 is a high-severity out-of-bounds write issue in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share. According to CISA’s advisory, parsing a specially crafted VC6 file can allow arbitrary code execution. Ashlar-Vellum’s mitigation is to update to build 12.6.1204.217 or later. Because exploitation is tied to file parsing and the CVSS vector includes user interaction, organizations [truncated]
A heap-based buffer overflow vulnerability exists in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior. The vulnerability could allow an attacker to disclose information or execute arbitrary code. The vendor has released an updated build (12.6.1204.217) to address this issue. This vulnerability was initially published on November 25, 2025, and subsequently upda [truncated]
An Out-of-Bounds Write vulnerability (CWE-787) affects Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior. The vulnerability allows an attacker to disclose information or execute arbitrary code. The CVSS 3.1 score of 7.8 (HIGH) reflects local attack vector, low attack complexity, no privileges required, and user interaction required, with high impacts to confide [truncated]
