@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/fixes (>=0.1.4 <=0.3.1)

@squawk/fixes NPM version =0.1.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3442...

CLSA-2026-1776083558 binutils: Fix of 4 CVEs

CVE-2025-5244: fix NULL deref in elfgcsweep on empty section group - CVE-2025-5245: fix NULL deref in debugtypesamep for incomplete enum types - CVE-2026-3441, CVE-2026-3442: fix xcofflink out-of-bounds accesses...

CVE-2026-3442

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

CVE-2026-3442

CVE-2026-3442 is a reported heap-based buffer overflow in the GNU Binutils bfd linker, caused by a missing r_symndx bounds check in xcoff_link_add_symbols. Exploitation would involve processing a crafted XCOFF object file and could lead to information disclosure or an application crash/DoS. Multi...

Exploit for CVE-2026-3442

CVE...

BELL-CVE-2026-3442 CVE-2026-3442 does not affect BellSoft software

Bulletin has no description...

Linux Distros Unpatched Vulnerability : CVE-2026-3442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out- of-bounds read, exists in the bfd linker component. An...

EUVD-2026-3442

The Bookingor WordPress plugin through 1.0.12 exposes authenticated AJAX actions without capability or nonce checks, allowing low-privileged users to delete Bookingor WordPress plugin through 1.0.12 data...

CVE-2022-3442

A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2025-3442

creationtimestamp| type| source ---|---|--- 2025-04-09 10:04:54+00:00| seen| https://t.me/cvedetector/22539 2025-04-09 18:48:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11130 2025-04-09 21:43:21+00:00| seen|...

CVE-2025-3442 Information Disclosure Vulnerability in TP-Link Tapo IoT Smart Hub

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the...

CVE-2025-3442 Information Disclosure Vulnerability in TP-Link Tapo IoT Smart Hub

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the...

CVE-2024-3442

A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. This affects an unknown part of the file /Employee/deleteleave.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2024-3442 SourceCodester Prison Management System delete_leave.php sql injection

A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. This affects an unknown part of the file /Employee/deleteleave.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2023-3442

creationtimestamp| type| source ---|---|--- 2023-07-26 22:27:54+00:00| seen| https://t.me/cibsecurity/67310...

CVE-2023-3442

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

CVE-2023-3442 Missing Authorization in Jenkins plug-in for ServiceNow DevOps

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

CVE-2023-3442 Missing Authorization in Jenkins plug-in for ServiceNow DevOps

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

CVE-2023-3442

CVE-2023-3442 affects the Jenkins Plug-in for ServiceNow DevOps prior to version 1.38.1. The issue is a missing authorization check that could allow exposure of sensitive information when exploited. The advisory explicitly recommends updating the plugin on Jenkins servers to 1.38.1; no changes ar...