Lucene search
K

1680 matches found

CVE
CVE
added 2026/06/24 7:14 a.m.15 views

CVE-2026-52914

In the Linux kernel, the batman-adv component is affected by CVE-2026-52914. The root cause is an accounting bug where the accumulated fragment length used for validating queued fragment chains can be truncated during updates. This allows malformed fragment chains to bypass validation and drive r...

9.8CVSS5.7AI score0.00519EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.5 views

CVE-2026-52914

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated...

9.8CVSS5.6AI score0.00519EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51707

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the running payload length for queued fragments can be truncated during updates. This allows malformed fragment chains to bypass validation...

9.8CVSS5.7AI score0.00519EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51709

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv frag skb buffer function is called by batadv batman skb recv upon receiving a BATADV UNICAST FRAG packet. After reassembling the...

6AI score0.00177EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52038

Name of the Vulnerable Software and Affected Versions Tapo C200 v3 Description A denial-of-service DoS issue exists in the network packet handling logic due to improper processing of IPv4 fragmented packets. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52003

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the powerpc architecture's page table fragment management. The system uses pt frag refcount to track page table fragments. When pte free defer is called during madvise...

4.8CVSS6AI score0.00161EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once a...

6AI score0.00177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-52914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain...

9.8CVSS6AI score0.00519EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 9:17 p.m.8 views

CVE-2026-47384

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific...

5.3CVSS0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:35 p.m.27 views

CVE-2026-47377 NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith'/'. Protocol-relative URLs //attacker.com/… also satisfy that...

5.1CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:35 p.m.26 views

CVE-2026-47377

NocoDB before 2026.04.1 is vulnerable to an open redirect via the client-side hashRedirect plugin. The plugin constructs a URL from the hash fragment and uses window.location.replace, and it accepts protocol-relative paths (e.g., //attacker.com/…), enabling silent redirection to attacker-controll...

5.1CVSS5.9AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 4:13 p.m.39 views

CVE-2026-50019 yt-dlp: File Downloader cookie leak with curl

yt-dlp is a command-line audio/video downloader. From 2023.09.24 until 2026.06.09, if curl is used as an external downloader for yt-dlp, cookies may be leaked to an unintended host upon HTTP redirect or when the host for download fragments differs from their parent manifest's. At the file downloa...

6.1CVSS0.00268EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/22 6:28 a.m.9 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
NVD
NVD
added 2026/06/19 8:16 p.m.13 views

CVE-2026-49345

Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Server-Side Request Forgery SSRF vulnerability exists in Mercator's CVE configuration panel /admin/config/parameters. The testProvider method in ConfigurationController passes...

5.3CVSS0.0054EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/19 2:22 p.m.5 views

NPM: undici WebSocket client vulnerable to denial of service via fragment count bypass

NPM: undici WebSocket client vulnerable to denial of service via fragment count bypass vulnerability discovered by ? in WordPress Npm undici versions 6.27.0...

7.5CVSS5.8AI score0.00641EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/19 2:22 p.m.17 views

GHSA-VXPW-J846-P89Q undici WebSocket client vulnerable to denial of service via fragment count bypass

Impact The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size...

7.5CVSS5.9AI score0.00641EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/19 2:22 p.m.12 views

undici WebSocket client vulnerable to denial of service via fragment count bypass

Impact The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size...

7.5CVSS5.9AI score0.00641EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mt76: fixed the crash in monitor mode with the sdio driver. The mt7921s driver may receive frames with fragment buffers. If a CTS packet is received in monitor mode, the payload is only 10 bytes, and 6 bytes of header padding ...

5.5CVSS6.6AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: The TID is decremented during error handling for RX peer frag setup. Currently, the TID is not decremented before peer cleanup, during the error handling phase of the ath12kdprxpeerfragsetup function. This could lea...

7.1CVSS6.4AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: atlantic: Fixed handling of fragment overflow in the RX path. The atlantic driver may receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds writ...

6.1AI score0.00161EPSS
Exploits0References1
Rows per page
Query Builder