CVE-2026-6846

CVE-2026-6846 describes a heap-buffer-overflow in GNU binutils during linking when processing a specially crafted XCOFF object file. The vulnerability affects the XCOFF handling code, where a crafted file can trigger arbitrary code execution or a denial of service. The advisory notes local exploi...

CVE-2026-6846

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution,...

CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

CVE-2026-6843

CVE-2026-6843 affects the nano editor. A local user can trigger a format string vulnerability in the statusline() function by creating a directory whose name contains printf specifiers; nano attempts to display this name and may segfault, causing a Denial of Service. The vulnerability is document...

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

CVE-2026-6845

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...

freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation

A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-format, leading to a use after free in audioformatcompatible. A malicious server can trigger a client‑side heap use after free causing a crash...

freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation

A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-format, leading to a use after free in audioformatcompatible. A malicious server can trigger a client‑side heap use after free causing a crash...

Red Hat Enterprise Linux 格式化字符串错误漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a vulnerability related to format string errors. This vulnerability stems from a flaw in the statusline function’s handling of format strings. Local users can...

Red Hat Enterprise Linux 代码问题漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a code vulnerability that allows local attackers to cause denial-of-service attacks by tricking users into processing specially crafted ELF files. This...

pypdf 安全漏洞

pypdf is an open-source, free Python library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages within PDF files. Prior to version 6.10.2, pypdf had a security vulnerability that could lead to memory exhaustion when accessing images with large dimensions using t...

PT-2026-34312

Name of the Vulnerable Software and Affected Versions nano affected versions not specified Description A local user can cause a Denial of Service in the application by exploiting a format string flaw in the statusline function. This occurs when the application attempts to display a directory name...

Joern 4.0.525

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

DNG File Generator for Security Testing

This C++ program is a complex security research tool CVE-2026-27280 designed to manually construct a DNG Digital Negative image file with fully controlled internal structures TIFF/DNG headers, IFD tables, and metadata tags...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013784 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor,...

Linux Distros Unpatched Vulnerability : CVE-2026-6843

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing...