BELL-CVE-2026-6104 CVE-2026-6104 does not affect BellSoft software

Bulletin has no description...

SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

CVE-2026-6104 Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

CVE-2026-6104

creationtimestamp| type| source ---|---|--- 2026-05-08 08:02:13+00:00| seen| https://bsky.app/profile/slackers.it/post/3mldbcb5xiz22 2026-05-10 07:09:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mli7cpqapq2k 2026-05-11 12:10:08+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-6104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstri...