ROOT-OS-DEBIAN-12-CVE-2026-43306 CVE-2026-43306 in rootio-linux - Patched by Root

Root has patched CVE-2026-43306 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2026-43306 CVE-2026-43306 in rootio-linux - Patched by Root

Root has patched CVE-2026-43306 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2026-43306 CVE-2026-43306 in rootio-linux - Patched by Root

Root has patched CVE-2026-43306 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVE-2025-43306

creationtimestamp| type| source ---|---|--- 2026-05-27 02:45:37+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mmsihnwhmn2v 2026-05-27 04:01:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmsmpfgm3q2s...

CVE-2026-43306 affecting package kernel for versions less than 6.6.138.1-1

CVE-2026-43306 affecting package kernel for versions less than 6.6.138.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-43306

In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type that matches the target function. I ran into the following type...

CVE-2026-43306

CVE-2026-43306 affects the Linux kernel due to bpf: crypto: Use the correct destructor kfunc type. With CONFIG_CFI enabled, indirect calls must match the target function’s pointer type. In the reported case, a CFI failure occurred at bpf_obj_free_fields while freeing a BPF crypto context, signali...

Linux Distros Unpatched Vulnerability : CVE-2026-43306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type...

CVE-2024-43306

creationtimestamp| type| source ---|---|--- 2024-08-18 18:17:00+00:00| seen| https://t.me/cvedetector/3469...

CVE-2024-43306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through = 3.6.0...

CVE-2024-43306 WordPress WP-Lister Lite for eBay plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through = 3.6.0...

CVE-2024-43306

CVE-2024-43306 affects the WordPress WP-Lister Lite for eBay plugin,

WordPress WP-Lister Lite for eBay Plugin <= 3.6.0 is vulnerable to Cross Site Scripting (XSS)

Software WP-Lister Lite for eBay Type Plugin Vulnerable versions = 3.6.0 Fixed in 3.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43306 Patch priority Medium CVSS severity Medium 7.1 Developer WP Lab PSID d4c17ecc0795 Credits LVT-tholv2k Required privilege...

CVE-2022-43306

creationtimestamp| type| source ---|---|--- 2022-11-07 18:34:19+00:00| seen| https://t.me/cibsecurity/52593 2025-05-05 18:19:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14946...

CVE-2022-43306

The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-dates package. The affected version of d8s-htm is 0.1.0...

CVE-2022-43306

The CVE-2022-43306 entry concerns the PyPI package d8s-timer for Python, with the affected version 0.1.0. Multiple connected documents state that a third-party inserted a potential code-execution backdoor, specifically via the democritus-dates package, leading to a total impact in the software ch...

Input validation

The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

CVE-2022-31147

The vulnerability CVE-2022-31147 affects the jquery-validation plugin (npm/package jquery-validation). Versions prior to 1.19.5 are vulnerable to a Regular Expression Denial of Service (ReDoS) in the url2 method, due to an incomplete fix for CVE-2021-43306. Impact is a potential DoS; no exploit d...

CVE-2022-31147 jquery-validation ReDoS in url2 due to incomplete fix of CVE-2021-43306

The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

GHSA-FFMH-X56J-9RC3 jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method

Summary Incomplete fix of CVE-2021-43306: An exponential ReDoS Regular Expression Denial of Service can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...