PT-2026-44464

Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions 14.0.0 through 29.0.1 Description The RBAC policy enforcer in the enforce call function unconditionally merges the raw JSON request body into the policy enforcement dictionary using policy dict.updatejson input.copy...

PT-2026-45143

Уязвимость функции Merge программного средства создания самоуправляемых Git-репозиториев Gogs связана с внедрением или модификацией аргументов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код путем отправки специально сформированного запроса...

CVE-2026-42999

OpenStack Keystone prior to 29.0.2 contains CVE-2026-42999, where the RBAC policy enforcer in enforce_call unconditionally merges the raw JSON request body into the policy enforcement dictionary (policy_dict.update(json_input.copy())). Since flask.request.get_json is called with force=True, this ...

PT-2026-44725

Name of the Vulnerable Software and Affected Versions Dulwich versions prior to 1.2.5-1.1 Description Command injection occurs in the ProcessMergeDriver when the file path from the git tree is substituted into the merge driver command via the %P placeholder. This command is then executed using...

SUSE CVE-2025-38344

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...

CVE-2026-9567

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

UBUNTU-CVE-2026-9567

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

CVE-2026-9567

GPAC MP4Box (up to version 2.4.0) houses a vulnerability in isomedia/isom_intern.c: MergeFragment, where input handling can trigger a null pointer dereference. Exploitation is local, and a public PoC/exploit exists; this confirms practical risk under local access conditions. The patch is identifi...

CVE-2026-8997

A flaw was found in vifm, a file manager. This vulnerability, a heap buffer overflow, occurs when the application saves its state file vifminfo.json during the history merge process. A local user could exploit this by introducing a specially crafted, excessively long path or command into the...

GPAC 代码问题漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC 2.4.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the MergeFragment function in the MP4Box component, which could lead to null pointer dereferencing...

CVE-2026-8997

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

UBUNTU-CVE-2026-8997

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

CVE-2026-8997

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

CVE-2026-8997 Heap Buffer Overflow in vifm

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

EUVD-2026-31439

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

CVE-2026-8997 Heap Buffer Overflow in vifm

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

CVE-2026-8997

CVE-2026-8997 : vifm is vulnerable to a heap buffer overflow during the history merge when saving the state file (vifminfo.json). The flaw arises from a missing runtime length check on history entries in release builds, allowing a crafted long path or command in history to cause memory corruption...

CVE-2026-8997

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

Linux Distros Unpatched Vulnerability : CVE-2026-6883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allow...

PT-2026-42765

Name of the Vulnerable Software and Affected Versions vifm versions 0.12.1 through 0.14.3 Description A heap buffer overflow occurs during the history merge process when saving the state file vifminfo.json. This is caused by a lack of runtime checks on the length of history entries in release...