Lucene search
K

3473 matches found

NVD
NVD
added 2026/06/26 9:16 a.m.8 views

CVE-2026-11702

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

7.5CVSS0.00292EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 9:16 a.m.5 views

UBUNTU-CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/26 8:29 a.m.10 views

CVE-2026-53211

A flaw was found in the Linux kernel's netfilter component, specifically in nftmetabridge. The NFTMETABRIIIFHWADDR register, intended for hardware address storage, is declared with a length of 6 bytes but is tracked as 8 bytes during initialization. When nftmetabridgegeteval writes to this...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 8:13 a.m.19 views

CVE-2026-11702

Affected: Bytes::Random::Secure::Tiny for Perl, versions up to 1.011. Root cause: PRNG internal state is shared across forked processes if an object is initialised before forking, leading to identical random streams. Impact: secrets generated in multiprocess apps can be predictable across process...

7.5CVSS5.8AI score0.00292EPSS
Exploits0References5
CVE
CVE
added 2026/06/26 8:7 a.m.15 views

CVE-2026-11625

CVE-2026-11625 affects Bytes::Random::Secure for Perl up to version 0.29. The PRNG internal state is shared across forked processes when an object is created before forking or when the functional interface is used, causing identical random streams and potentially exposing secrets generated in mul...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/26 8:7 a.m.41 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

0.00309EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/26 8:7 a.m.6 views

CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.8AI score0.00309EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.6 views

SUSE CVE-2026-53165

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.17 views

PT-2026-52681

Name of the Vulnerable Software and Affected Versions Bytes::Random::Secure versions prior to 0.30 Description Internal state for the Pseudo-Random Number Generator PRNG is shared across forked processes when an object is initialized before forking or when the functional interface is used. This...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52682

Name of the Vulnerable Software and Affected Versions Bytes::Random::Secure::Tiny versions prior to 1.012 Description Internal state for the Pseudo-Random Number Generator PRNG is shared across forked processes when an object is initialized before the fork occurs. This leads to the production of...

7.5CVSS5.7AI score0.00292EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/25 10:14 p.m.11 views

EUVD-2026-31388

golang.org/x/crypto/ssh: Invoking byte arithmetic causes underflow and panic...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/25 10:14 p.m.7 views

golang.org/x/crypto: Invoking byte arithmetic causes underflow and panic

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

7.5CVSS6AI score0.00359EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/25 10:12 p.m.11 views

EUVD-2026-31402

golang.org/x/crypto/ssh/agent: Invoking pathological inputs can lead to client panic...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 10:12 p.m.3 views

GHSA-9M57-25V3-79X9 golang.org/x/crypto: Invoking pathological inputs can lead to client panic

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

5.3CVSS6AI score0.00313EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/25 10:12 p.m.8 views

golang.org/x/crypto: Invoking pathological inputs can lead to client panic

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

5.3CVSS6AI score0.00313EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/25 8:17 p.m.4 views

UBUNTU-CVE-2026-10097

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS5.8AI score0.00161EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 6:40 p.m.2 views

GHSA-W9WP-H8WV-79JX opentelemetry_sdk has unbounded memory allocation in W3C Baggage propagation

Summary BaggagePropagator::extractwithcontext in opentelemetrysdk did not enforce the W3C Baggage size limits before parsing an inbound baggage header. A large attacker-controlled header could cause unnecessary CPU work and short-lived heap allocations while parsing entries that would later be...

5.3CVSS5.9AI score0.00096EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 6:36 p.m.54 views

CVE-2026-28898

CVE-2026-28898 concerns swift-nio-http2, where the HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before translating to HTTP/1.1. The issue is addressed in swift-nio-http2 1.44.1, which adds validation for all pseudo-header values (:path, :authority, :scheme...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39184

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

7.2CVSS5.9AI score0.00265EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53165

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS0.00359EPSS
Exploits0References2
Rows per page
Query Builder