
131 matches found

EUVD
added 19 hours ago, 5 views

EUVD-2026-36123

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

8.7 CVSS, 5.5 AI score
Exploits: 0, References: 5

CVE
added yesterday, 4 views

CVE-2026-10142

CVE-2026-10142 affects kafka-python prior to 2.3.2. The vulnerability resides in the protocol parser, where an attacker can send a crafted 4-byte frame length via receive_bytes() without bounds validation. This can cause a multi-gigabyte memory allocation or an uncaught ValueError, leaving the co...

8.7 CVSS, 5.5 AI score
Exploits: 0, References: 4, Affected Software: 1

Vulnrichment
added yesterday, 3 views

CVE-2026-10142 kafka-python prior to 2.3.2 Denial of Service via Protocol Parser Frame Length

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

8.7 CVSS, 5.5 AI score
Exploits: 0, References: 4

Cvelist
added yesterday, 19 views

CVE-2026-10142 kafka-python prior to 2.3.2 Denial of Service via Protocol Parser Frame Length

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

8.7 CVSS
Exploits: 0, References: 4

Positive Technologies
added yesterday, 5 views

PT-2026-48530

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

8.7 CVSS, 5.5 AI score
Exploits: 0, References: 5

CNNVD
added 2026/06/01 12:0 a.m., 6 views

Apache Fluss security vulnerabilities

Apache Fluss is a streaming storage system developed by the Apache Foundation in the United States. Versions 0.8.0 and 0.9.0 of Apache Fluss contain security vulnerabilities. These vulnerabilities stem from the use of Integer.MAX_VALUE as the maximum frame length in the Netty...

7.5 CVSS, 5.9 AI score, 0.00203 EPSS
Exploits: 0, References: 2

Debian
added 2026/05/30 2:38 p.m., 12 views

[BSA-135] Security Update for exim4

Andreas Metzler uploaded new packages for exim4 which fixed the following security problems: CVE-2026-48840 PROXYv2 parser: reject PROXY frames whose declared payload length is too short for the claimed address family (12 bytes for TCPv4/0x11, 36 bytes for TCPv6/0x21). Previously a frame with...

5.3 CVSS, 5.7 AI score, 0.0007 EPSS
Exploits: 0

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tun: Added missing verification for short frames. The referenced commit failed to check the validity of the frame length in the tun_xdp_one path, which could result in a corrupted skb being sent down the stack. Even before the skb ...

7.1 CVSS, 6 AI score, 0.00015 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7925: Fixed possible out-of-bounds (OOB) access in mt7925_mac_write_txwi_80211. Check the frame length before accessing the mgmt fields in mt7925_mac_write_txwi_80211 in order to avoid possible OOB access...

7.1 CVSS, 5.7 AI score, 0.00018 EPSS
Exploits: 0, References: 1

AstraLinux
added 2026/05/20 5:53 a.m., 5 views

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tap: added missing verification for short frames. The referenced commit failed to check the validity of the frame length in the tap_get_user_xdp function. This could result in a corrupted skb being sent down the stack. Even before th...

7.1 CVSS, 6.2 AI score, 0.00015 EPSS
Exploits: 0, References: 2

OSV
added 2026/03/26 8:33 p.m., 1 views

GO-2026-4841 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead in github.com/nats-io/nats-server

NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead in github.com/nats-io/nats-server...

7.5 CVSS, 5.9 AI score, 0.00094 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2026/03/25 11:53 p.m., 3 views

CVE-2026-23315

A flaw was found in the Linux kernel's mt76 Wi-Fi driver. This vulnerability, an out-of-bounds (OOB) access, occurs due to an insufficient check of frame length before accessing management fields within the mt76_connac2_mac_write_txwi_80211 function. An attacker could potentially exploit this to cause...

5.5 CVSS, 5.7 AI score, 0.00018 EPSS
Exploits: 0, References: 4

Cvelist
added 2026/03/25 7:36 p.m., 19 views

CVE-2026-27889 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

7.5 CVSS, 0.00094 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2026/03/25 7:36 p.m., 2 views

CVE-2026-27889 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

7.5 CVSS, 5.9 AI score, 0.00094 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2026/03/25 6:57 p.m., 2 views

CVE-2026-23363

A flaw was found in the Linux kernel's mt76 wireless driver, specifically within the mt7925 component. This vulnerability arises from a failure to properly check the frame length before accessing management fields in the mt7925_mac_write_txwi_80211 function. An attacker could potentially exploit this...

5.5 CVSS, 5.8 AI score, 0.00018 EPSS
Exploits: 0, References: 4

Snyk
added 2026/03/25 5:7 p.m., 0 views

Integer Overflow or Wraparound

Overview: github.com/nats-io/nats-server/server is a simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the wsRead function. An attacker can cause the server proces...

8.7 CVSS, 5.9 AI score, 0.00094 EPSS
Exploits: 0, References: 2

EUVD
added 2026/03/25 5:7 p.m., 1 views

EUVD-2026-15962

NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead...

7.5 CVSS, 5.9 AI score, 0.00094 EPSS
Exploits: 0, References: 2

Github Security Blog
added 2026/03/25 5:7 p.m., 6 views

NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

Background: NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. When using WebSockets, a malicious client can trigger a server crash with crafted frames, before authentication. Problem Description: A missi...

7.5 CVSS, 6.2 AI score, 0.00094 EPSS
Exploits: 0, References: 4, Affected Software: 2

SUSE CVE
added 2026/03/25 4:56 p.m., 4 views

SUSE CVE-2026-23315

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211 Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. fix check to also cover...

5.5 CVSS, 5.7 AI score, 0.00018 EPSS
Exploits: 0, References: 16

SUSE CVE
added 2026/03/25 4:55 p.m., 4 views

SUSE CVE-2026-23363

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211 Check frame length before accessing the mgmt fields in mt7925_mac_write_txwi_80211 in order to avoid a possible oob access...

5.5 CVSS, 5.7 AI score, 0.00018 EPSS
Exploits: 0, References: 16