CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

CVE-2026-43362

CVE-2026-43362 affects the Linux kernel SMB client by an in-place encryption flaw in SMB2_write(), where the write payload could be replaced with ciphertext during retries on unstable connections. The root cause is that smb3_init_transform_rq() shares rq_iov, causing crypt_message() to in-place-e...

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

BIT-JRE-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling

GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...

SUSE CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

EUVD-2026-28471

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...

PT-2026-39023

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10 Description A flaw exists in the SMB client where the SMB2 write function places the write payload in iov1..n as part of rq iov. Because smb3 init transform rq pointer-shares rq iov, the crypt message functi...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the local variable permutedstate is not cleared before leaving its scope during...

Legion of the Bouncy Castle BC-FJA 安全漏洞

The Legion of the Bouncy Castle BC-FJA is a set of encryption library components provided by the Australian company Legion of the Bouncy Castle. These components offer high-intensity encryption algorithms and security certification capabilities. The Legion of the Bouncy Castle BC-FJA has a securi...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a corruption in the on-the-fly encryption process in the SMB2write function. This vulnerability may cau...

Linux Distros Unpatched Vulnerability : CVE-2026-43362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqio...

PT-2026-39038

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description When KSMBD DEBUG AUTH logging is enabled, the functions generate smb3signingkey and generate smb3encryptionkey log the session, signing, encryption, and decryption key bytes, which can...

PT-2026-39193

Name of the Vulnerable Software and Affected Versions SmarterTools SmarterMail versions prior to 9560 Description An issue in the '/api/v1/report/summary/type' API endpoint allows authenticated users to perform local file inclusion, enabling the reading of arbitrary .json files on the system. Thi...

LibreOffice 25.8.x < 25.8.7 / 26.2.x < 26.2.3 Heap Buffer Overflow (CVE-2026-4430)

The version of LibreOffice installed on the remote host is prior to 25.8.7 or 26.2.3. It is, therefore, affected by a heap buffer overflow vulnerability: - An out-of-bounds write vulnerability exists in the AgileEngine component of LibreOffice. An attacker can exploit this by crafting a malicious...

rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding

CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...

CVE-2026-6411

The CVE-2026-6411 issue affects MAXHUB Pivot client applications before v1.36.2. It stems from a hardcoded AES key, allowing decrypting encrypted tenant email addresses and related metadata, resulting in cleartext exposure. Additionally, an attacker could trigger a denial-of-service by enrolling ...

CVE-2026-6411 MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...

CVE-2026-6411

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...

CVE-2026-6411 MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm

This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...

Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui

HTB-Snapped--Writeup HTB Snapped — Hard Linux machine writeup...