PatchSiren

GNOME CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH GNOME CVE published 2026-06-22

CVE-2026-6653

CVE-2026-6653 is a use-after-free in libxml2's xmlParseInternalSubset, affecting GNOME libxml2 versions 2.9.11 to 2.11.0. A remote attacker who can supply crafted XML input reaches the flaw through the parser's entity resolution handling and can cause a denial of service. The CVE was published on 2026-06-22 with a CVSS score of 7.0 (High). Defenders should check whether deployed libxml2 builds fall in the affected range and prioritize patching.
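As an added example (this page carries no code, and the following is not libxml2's own code), the check below is a conservative pre-parse gate a libxml2 consumer can run on untrusted input while a build in the affected range is still deployed. xmlParseInternalSubset is only reached through a DOCTYPE declaration that carries an internal subset, and the entity options usually passed to xmlReadMemory (XML_PARSE_NOENT, XML_PARSE_DTDLOAD) govern substitution and external loading rather than whether that subset is parsed, so the gate refuses any document whose prolog declares a DOCTYPE before the bytes reach the parser. The function name xml_prolog_has_doctype, the XML_REJECT/XML_ACCEPT values and the sample documents in main are assumptions of this example, not names from libxml2 or PatchSiren:

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed return values for this example. */
#define XML_REJECT 1
#define XML_ACCEPT 0

/* Find needle in buf[from..len); returns len when absent. Works on
 * non-NUL-terminated buffers, which is why strstr() is not used. */
static size_t find_seq(const char *buf, size_t len, size_t from,
                       const char *needle, size_t nlen)
{
    for (size_t i = from; i + nlen <= len; i++)
        if (memcmp(buf + i, needle, nlen) == 0)
            return i;
    return len;
}

/* First byte of an XML element name (ASCII letters, ':', '_', or the lead
 * byte of a non-ASCII UTF-8 character). */
static int is_name_start(unsigned char c)
{
    return c == ':' || c == '_' || isalpha(c) || c >= 0x80;
}

/* Walk only the prolog (optional BOM, XML declaration, comments, PIs).
 * A DOCTYPE may legally appear only there, so the scan stops at the root
 * element. Returns XML_REJECT when a DOCTYPE is declared or the prolog is
 * malformed enough that we cannot tell, XML_ACCEPT otherwise. */
int xml_prolog_has_doctype(const char *buf, size_t len)
{
    size_t i = 0;

    if (len >= 3 && memcmp(buf, "\xEF\xBB\xBF", 3) == 0)
        i = 3;                                   /* skip UTF-8 BOM */

    while (i < len) {
        unsigned char c = (unsigned char)buf[i];
        size_t rem = len - i;

        if (c == ' ' || c == '\t' || c == '\r' || c == '\n') {
            i++;
            continue;
        }
        if (c != '<')
            return XML_REJECT;                   /* text before root: malformed */

        if (rem >= 9 && memcmp(buf + i, "<!DOCTYPE", 9) == 0)
            return XML_REJECT;                   /* DTD declared: internal subset may follow */

        if (rem >= 4 && memcmp(buf + i, "<!--", 4) == 0) {
            size_t e = find_seq(buf, len, i + 4, "-->", 3);
            if (e == len)
                return XML_REJECT;               /* unterminated comment */
            i = e + 3;
            continue;
        }
        if (rem >= 2 && buf[i + 1] == '?') {     /* XML declaration or PI */
            size_t e = find_seq(buf, len, i + 2, "?>", 2);
            if (e == len)
                return XML_REJECT;               /* unterminated PI */
            i = e + 2;
            continue;
        }
        if (rem >= 2 && is_name_start((unsigned char)buf[i + 1]))
            return XML_ACCEPT;                   /* root element reached, no DOCTYPE seen */

        return XML_REJECT;                       /* "<!" something else, "</", bare "<" */
    }
    return XML_REJECT;                           /* empty or whitespace-only input */
}

/* Convenience wrapper for NUL-terminated samples. */
int xml_gate_str(const char *s)
{
    return xml_prolog_has_doctype(s, strlen(s));
}

int main(void)
{
    /* Constructed sample documents for this example. */
    const char *with_dtd =
        "<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY a \"b\">]><x>&a;</x>";
    const char *plain =
        "<?xml version=\"1.0\"?>\n<!-- <!DOCTYPE in a comment --><root/>";

    printf("with internal subset: %s\n",
           xml_gate_str(with_dtd) == XML_REJECT ? "reject" : "accept");
    printf("no DOCTYPE:           %s\n",
           xml_gate_str(plain) == XML_REJECT ? "reject" : "accept");
    return 0;
}
```

Rejecting every DTD also rejects legitimate documents that rely on one, so this is a stopgap for services that process untrusted XML, not a substitute for moving libxml2 out of the affected version range. The scan is deliberately conservative: an unterminated comment, a stray character before the root element or an empty buffer all count as grounds to reject, because a document the gate cannot classify is not one worth handing to a parser with a known use-after-free.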

HIGH GNOME CVE published 2026-01-29

CVE-2020-37011

A heap corruption vulnerability in GNOME Fonts Viewer 3.34.0 can be triggered by a maliciously crafted TTF font file. The flaw is an out-of-bounds write: a font carrying an oversized pattern drives repeated memory allocation calls, exhausting memory and potentially crashing the process. The CVSS 4.0 vector ind [truncated]

MEDIUM GNOME CVE published 2017-02-03

CVE-2016-6163

CVE-2016-6163 is a denial-of-service vulnerability in librsvg2 2.40.2. NVD describes the flaw as an out-of-bounds read in rsvg_pattern_fix_fallback in rsvg-paint_server.c, reachable through a crafted SVG file. The weakness is classified as CWE-125, and NVD rates the impact as a loss of availability only, with no confidentiality or integrity impact. The affected product entry in the NVD record is gnome:librsvg:2 [truncated]