Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service due to use of Bytes (CVE-2026-25541)

Summary IBM DataPower Gateway uses Bytes in the 'Gateway Peering' feature, and in 10.6.0 and 10.6CD only the 'GitOps' feature. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to...

Vulnerability fixed in Wing FTP Server

The developer of Wing FTP Server has fixed a vulnerability in version 7.4.4. The vulnerability is in the way Wing FTP Server processes null bytes in the user parameter. This allows a remote malicious person to inject arbitrary Lua code into session files, which can lead to the execution of...

CVE-2019-10896

Wireshark CVE-2019-10896 affects DOF dissector in versions 2.4.0–2.4.13, 2.6.0–2.6.7, and 3.0.0. The root cause is improper handling of generated IID and OID bytes in epan/dissectors/packet-dof.c, which could cause a crash. The vulnerability is addressed by the DOF dissector fix in that file. Rem...