Important: nerdctl

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

Important: amazon-cloudwatch-agent

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

RHEL 8 : dnsmasq (RHSA-2026:20589)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20589 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

TencentOS Server 3: .NET 8.0 (TSSA-2026:0390)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0390 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

ALSA-2026:20589 Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

CVE-2026-47066

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !, @, =, ...

CVE-2026-47066

CVE-2026-47066 describes an Infinite Loop in the Alt-Svc header parser of benoitc’s hackney. The vulnerable component is the Alt-Svc response header parser (src/hackney_altsvc.erl); when parse_token/2 receives certain inputs, it may return the input unchanged, and skip_comma/1 can fail to progres...

CVE-2026-47066 Infinite loop in Alt-Svc header parser in hackney

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !, @, =, ...

CVE-2026-47066 Infinite loop in Alt-Svc header parser in hackney

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !, @, =, ...

CVE-2026-47066

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !, @, =, ...

EUVD-2026-31686

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !, @, =, ...

EEF-CVE-2026-47066 Infinite loop in Alt-Svc header parser in hackney

Summary Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !...

Security update for helm

This update for helm fixes the following issues Security issues: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265758. CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled...

PT-2026-43064

Name of the Vulnerable Software and Affected Versions hackney versions 2.0.0-beta.1 through 4.0.0 Description An infinite loop exists in the Alt-Svc response header parser within src/hackney altsvc.erl. When the parse token/2 function receives a byte that is not a token, whitespace, or comma such...

CVE-2026-42899

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources. Mitigation Red Hat has investigated whether a possible...

SUSE CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

CLSA-2026-1779437608 dnsmasq: Fix of 5 CVEs

CVE-2026-2291: fix buffer overflow in union bigname - CVE-2026-4890: fix NSEC bitmap parsing infinite loop and OOB reads - CVE-2026-4891: verify rdlen field in RRSIG packets - CVE-2026-4892: fix buffer overflow in helper.c with large CLIDs - CVE-2026-4893: fix broken client subnet validation...

CLSA-2026-1779437548 dnsmasq: Fix of 5 CVEs

CVE-2026-2291: fix buffer overflow in union bigname - CVE-2026-4890: fix NSEC bitmap parsing infinite loop and OOB reads - CVE-2026-4891: verify rdlen field in RRSIG packets - CVE-2026-4892: fix buffer overflow in helper.c with large CLIDs - CVE-2026-4893: fix broken client subnet validation...

Integer Overflow or Wraparound

Overview golang.org/x/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the payload size calculation within the Write process. An attacker can cause the process to enter an infinite loop and exhaust system resources by...