kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

CLSA-2026-1769610819 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

CVE-2026-22260 Suricata http1: infinite recursion in decompression

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for request-body-limit and response-body-limit...

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

Advisory ROSA-SA-2026-3119

software: mupdf 1.26.10 WASP: ROSA-CHROME unaffected versions = mupdf-1.26.10-1 affected versions mupdf-1.26.10-1 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation ...

ESLint security vulnerabilities

ESLint is an open-source tool developed by ESLint that identifies and fixes issues in JavaScript code. Versions of ESLint prior to 9.26.0 contained a security vulnerability. This vulnerability stemmed from infinite recursion when serializing objects with circular references, which could lead to a...

OESA-2026-1243 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

OESA-2026-1242 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

ImageMagick MSL: Stack overflow via infinite recursion in ProcessMSLScript

Summary Stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version - ImageMagick 7.x tested on current main branch - Commit: HEAD - Requires: libxml2 support for MSL parsing Steps to Reproduce Method 1: Using ImageMagick directly bash magick...

GHSA-9VJ4-WC7R-P844 ImageMagick MSL: Stack overflow via infinite recursion in ProcessMSLScript

Summary Stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version - ImageMagick 7.x tested on current main branch - Commit: HEAD - Requires: libxml2 support for MSL parsing Steps to Reproduce Method 1: Using ImageMagick directly bash magick...

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...

CVE-2026-23874

A flaw was found in ImageMagick. A local user could exploit this vulnerability by providing a specially crafted Magick Scripting Language MSL file. This file, when processed, could trigger infinite recursion within the command, leading to a stack overflow. Successful exploitation results in a...

CVE-2026-23874

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVE-2026-23874 ImageMagick's MSL: Stack overflow via infinite recursion in ProcessMSLScript

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVE-2026-23874

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVE-2026-23874 ImageMagick's MSL: Stack overflow via infinite recursion in ProcessMSLScript

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVE-2026-23874 ImageMagick's MSL: Stack overflow via infinite recursion in ProcessMSLScript

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

ImageMagick security vulnerabilities

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-13 contained security vulnerabilities. These vulnerabilities were caused by an infinite recursion i...

MiracleLinux 8 : libX11-1.6.8-8.el8 (AXSA:2024-8318:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8318:03 advisory. libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: stack exhaustion from infinite recursion in PutSubImage CVE-2023-43786...

MiracleLinux 7 : opensc-0.19.0-3.el7 (AXSA:2019-3977:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3977:02 advisory. opensc: Buffer overflows handling responses from Muscle Cards in card-muscle.c:musclelistfiles CVE-2018-16391 opensc: Buffer overflows handling...