PSF-2026-16

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

DEBIAN-CVE-2026-5188

An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name SAN extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect...

Python 安全漏洞

Python is an open-source, object-oriented programming language developed by the Python Foundation. This language features extensibility, support for modules and packages, and compatibility with multiple platforms. However, Python has security vulnerabilities. One of these vulnerabilities stems fr...

EUVD-2026-20992

Unhead has a hasDangerousProtocol bypass via leading-zero padded HTML entities in useHeadSafe...

Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe()

EVIDENCE | Disclosed to Vercel H1 | 2026-03-22 no response after 12 days | | Cross-reported here | 2026-04-03 | --- Summary useHeadSafe is the composable that Nuxt's own documentation explicitly recommends for rendering user-supplied content in safely. Internally, the hasDangerousProtocol functio...

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to missing pre-allocation size checks in the base64 decoding process. An attacker can cause excessive memory allocation by providi...

EUVD-2026-20922

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

DEBIAN-CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

UBUNTU-CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

CVE-2026-5443

CVE-2026-5443 describes a heap buffer overflow during decoding of PALETTE COLOR DICOM images. The pixel length validation uses 32-bit multiplication for width × height, and if these values overflow, the validation may wrongly succeed, allowing the decoder to read and write beyond allocated buffer...

CVE-2026-5443

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

unhead 安全漏洞

Unhead is a document header and template manager open source by UnJS. Versions of Unhead prior to 2.1.13 contained security vulnerabilities; these vulnerabilities stemmed from regular expression restrictions during the decoding of HTML entities, which could lead to cross-site scripting attacks...

Orthanc 安全漏洞

Orthanc is a free open-source software developed by the Orthanc company. Orthanc has a security vulnerability, which stems from a heap buffer overflow in the DICOM image decoder. This vulnerability may lead to integer overflows and out-of-bound memory accesses during image decoding...

PT-2026-31578

Name of the Vulnerable Software and Affected Versions The Ultimate FAQ Accordion plugin for WordPress versions through 2.4.7 Description The Ultimate FAQ Accordion plugin for WordPress is susceptible to Stored Cross-Site Scripting through FAQ content. This occurs because the plugin uses html enti...

Linux Distros Unpatched Vulnerability : CVE-2026-5445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLO...

Linux Distros Unpatched Vulnerability : CVE-2026-5443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and...

Allocation of Resources Without Limits or Throttling

Overview @modern-js/utils is a progressive web framework based on React. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the createMap, createSet, and extractIterator functions in packages/react-server/src/ReactFlightReplyServer.js. An...

CLSA-2026-1775669370 ImageMagick: Fix of CVE-2026-25986

CVE-2026-25986: heap buffer overflow write in YUV decoder when image dimensions are not properly validated...

GHSA-588R-CR5C-W6HF OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

Summary internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic: c wavbuf += nx ny wcount; Because nx, ny, and wcount are int, a crafted EXR file can make this product overflow and wrap. The next channel then decodes from an incorrect address. The wavelet decode path...