CVE-2026-54236 vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitizemessage helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: several response paths echo...

CVE-2026-54236

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitizemessage helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: several response paths echo...

PT-2026-50491

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.23.1rc0 Description An incomplete fix for a previous memory leak issue allows unauthenticated attackers to leak heap memory addresses. The system fails to properly sanitize error messages in several response paths,...

CVE-2025-60887

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

EUVD-2017-12187

Malware in sbrugna...

EUVD-2017-12172

Malware in sbrugna...

EUVD-2017-12163

Malware in sbrugna...

EUVD-2016-8737

Malware in sbrugna...

EUVD-2017-12184

Malware in sbrugna...

EUVD-2020-17158

Malware in sbrugna...

EUVD-2017-12194

Malware in sbrugna...

EUVD-2017-12170

Malware in sbrugna...

EUVD-2017-12193

Malware in sbrugna...

Adobe Digital Editions < 4.5.3 Multiple Vulnerabilities (APSB16-45) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB16-45 advisory. - Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could...

PT-2024-28778 · Unknown · Boa Web Server +1

Name of the Vulnerable Software and Affected Versions: Vilo 5 Mesh WiFi System versions 5.16.1.33 and earlier Description: The issue is related to an information leak in the Boa webserver, which allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack. This can be...

SUSE CVE-2012-2891

The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors...

DEBIAN-CVE-2021-29955

A transient execution vulnerability, named Floating Point Value Injection FPVI allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. A related vulnerability, Speculative Code Store Bypass SCSB, did not affect Firefox.. This vulnerability...

CVE-2020-24438

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2020-24438

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious...

Design/Logic Flaw

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious...