UBUNTU-CVE-2026-33948

jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When reading JSON from files or stdin, jq uses strlen to determine buffer length instead of the actual byte...

UBUNTU-CVE-2026-40164

jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations, which allowed an attacker to precompute key collisions offline. By supplying a crafted JSO...

CVE-2026-40164

jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations, which allowed an attacker to precompute key collisions offline. By supplying a crafted JSO...

CVE-2026-33948

jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When reading JSON from files or stdin, jq uses strlen to determine buffer length instead of the actual byte...

Nest Affected by DoS via Recursive handleData in JsonSocket (TCP Transport)

Impact Attacker sends many small, valid JSON messages in one TCP frame → handleData recurses once per message; buffer shrinks each call → maxBufferSize is never reached; call stack overflows instead → A 47 KB payload is sufficient to trigger RangeError Patches Fixed in @nestjs/[email protected]....

GHSA-HPWF-8G29-85QM Nest Affected by DoS via Recursive handleData in JsonSocket (TCP Transport)

Impact Attacker sends many small, valid JSON messages in one TCP frame → handleData recurses once per message; buffer shrinks each call → maxBufferSize is never reached; call stack overflows instead → A 47 KB payload is sufficient to trigger RangeError Patches Fixed in @nestjs/[email protected]....

Uncontrolled Recursion

Overview @nestjs/microservices is a Nest - modern, fast, powerful node.js web framework @microservices Affected versions of this package are vulnerable to Uncontrolled Recursion through the handleData function in packages/microservices/helpers/json-socket.ts. An attacker can crash the TCP...

CVE-2026-39417 MaxKB: RCE via MCP stdio command injection in workflow engine

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of the workflow engine. MaxKB only restricts the referencing code path loading MCP config from the...

EUVD-2026-22162

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of the workflow engine. MaxKB only restricts the referencing code path loading MCP config from the...

CVE-2026-39417 MaxKB: RCE via MCP stdio command injection in workflow engine

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of the workflow engine. MaxKB only restricts the referencing code path loading MCP config from the...

Fortinet FortiManager sqli (FG-IR-26-111)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...

Fortinet FortiAnalyzer sqli (FG-IR-26-111)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...

MaxKB 操作系统命令注入漏洞

MaxKB is an open-source question-answering system based on large language models and RAG, developed by 1Panel-dev. Versions of MaxKB prior to 2.7.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed from issues with the MCP node, a workflow engine,...

Important: cri-tools

Issue Overview: The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack. CVE-2026-32285 gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3...

PT-2026-33230

Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData recurses once per message; the buffer shrinks each call. maxBufferSize is never reached; call stack overflows instead. ...

PT-2026-32993

Name of the Vulnerable Software and Affected Versions 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery versions prior to 1.16.18 Description This plugin for WordPress allows unauthenticated attackers to retrieve flipbook page metadata for draft, private, and...

Uncontrolled resource consumption and loop with unreachable exit condition in facil.io and downstream iodine ruby gem

Summary fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100 instead of returning a parse error. Because iodine gem vendors the same parser code, the issue also affects iodine gem when it...

Linux Distros Unpatched Vulnerability : CVE-2026-40164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed...

Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3236 (ALAS-2026-3236)

"The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3236 advisory. The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negati...

CVE-2026-33948 jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When reading JSON from files or stdin, jq uses strlen to determine buffer length instead of the actual byte...