1837 matches found
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
CVE-2026-41080 affects libexpat prior to 2.7.6, where insufficient entropy in the hash function allows hash flooding when processing crafted XML documents. The CVE is broadly referenced across OSV, Debian, Red Hat, and Ubuntu entries, with the core impact described as a potential DoS due to resou...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
libexpat 安全漏洞
libexpat is a streaming XML parser written in C language by the libexpat team. Versions of libexpat prior to 2.7.6 had security vulnerabilities; these vulnerabilities were due to insufficient entropy, which could allow for hash flood attacks via specially crafted XML documents...
Linux Distros Unpatched Vulnerability : CVE-2026-41080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080 Note that Nessus relies on the...
PT-2026-33342
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.6 Description The software uses insufficient entropy, which allows hash flooding to occur through a specially crafted XML document. Hash flooding is a technique where many different inputs are designed to produce...
(lib)expat -- Insufficient entropy
https://github.com/libexpat/libexpat/pull/1183 reports: libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
ADAM: A Systematic Data Extraction Attack on Agent Memory Via Adaptive Querying
Large Language Model LLM agents have achieved rapid adoption and demonstrated remarkable capabilities across a wide range of applications. To improve reasoning and task execution, modern LLM agents would incorporate memory modules or retrieval-augmented generation RAG mechanisms, enabling them to...
USN-8152-1: Linux kernel (OEM) vulnerabilities
It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causi...
USN-8152-1 linux-oem-6.17 vulnerabilities
It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causi...
GHSA-GHC5-95C2-VWCV Auth0 Symfony SDK has Insufficient Entropy in Cookie Encryption
Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? Consumers are affected if their application meets the following preconditions: - It...
Auth0 Symfony SDK has Insufficient Entropy in Cookie Encryption
Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? Consumers are affected if their application meets the following preconditions: - It...
GHSA-VFPX-Q664-H93M Auth0 WordPress Plugin has Insufficient Entropy in Cookie Encryption
Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? Consumers are affected if their application meets the following preconditions: - It ...
Auth0 WordPress Plugin has Insufficient Entropy in Cookie Encryption
Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? Consumers are affected if their application meets the following preconditions: - It ...
GHSA-FMG6-246M-9G2V Auth0 laravel-auth0 SDK has Insufficient Entropy in Cookie Encryption
Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? You are affected if you meet the following preconditions: - Applications using...
Auth0 laravel-auth0 SDK has Insufficient Entropy in Cookie Encryption
Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? You are affected if you meet the following preconditions: - Applications using...
CVE-2026-34236
Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. From version 8.0.0 to before version 8.19.0, in applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session...