CVE-2026-5474

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

CVE-2026-5474 NASA cFS CCSDS Packet Header to_lab_passthru_encode.c CFE_MSG_GetSize heap-based overflow

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

EUVD-2025-8100

Malicious code in bioql PyPI...

EUVD-2025-8090

Malicious code in bioql PyPI...

EUVD-2025-8098

Malicious code in bioql PyPI...

EUVD-2025-8103

Malicious code in bioql PyPI...

CVE-2025-25371

NASA cFS Core Flight System Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the system...

CVE-2025-25374

In NASA cFS Core Flight System Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service...

CVE-2025-25374

In NASA cFS Core Flight System Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service...

CVE-2025-25371

NASA cFS Core Flight System Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the system...

CVE-2025-25372

NASA cFS Core Flight System Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module...

PT-2025-12829

Name of the Vulnerable Software and Affected Versions NASA cFS Core Flight System Aquila affected versions not specified Description The Memory Management Module of NASA cFS Core Flight System Aquila has insecure permissions, which can be exploited to gain remote code execution RCE on the platfor...

CVE-2025-25374

Technical details about CVE-2025-25374 are not publicly available in the provided connected documents. Monitor for updates if more specifics on affected products, impact, and fixes are released.

CVE-2025-25372

CVE-2025-25372 affects NASA cFS (Core Flight System) Aquila. A malicious telecommand can trigger a segmentation fault in the Memory Management Module, potentially causing memory corruption and availability impact. The NVD entry lists CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH)....

CVE-2025-25373

The CVE-2025-25373 entry concerns the Memory Management Module of NASA cFS (Core Flight System) Aquila, which has insecure permissions that can be exploited to achieve remote code execution on the platform. The vulnerability impacts the Aquila component and its memory management functions as desc...

CVE-2025-25373

The Memory Management Module of NASA cFS Core Flight System Aquila has insecure permissions, which can be exploited to gain an RCE on the platform...

CVE-2025-25374

In NASA cFS Core Flight System Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service...