CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

agent-builder (>=0.0.2 <=0.1.7), agent-memory-layer (>=0.1.0 <=0.1.1) +85 more potentially affected by CVE-2026-26013 via langchain-openai (>=1.0.0 <=1.1.7)

langchain-openai PYPI version =1.0.0, =0.0.2, =0.1.0, =0.1.0, =1.0.6, =1.0.0, =0.1.0, =0.0.4, =3.0.3, =0.0.1, =0.0.48, =0.0.54, =0.1.2, =0.1.3 and more Source cves: CVE-2026-26013 Source advisory: SNYK:PYTHON-LANGCHAINOPENAI-15263095...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a denial-of-service vulnerability that stems from the LSTM GRU layer receiving a zero-length input when using a CUDA backend, which results in a check failure. An...