CVE-2026-5476 NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

CVE-2026-5474

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

CVE-2026-5475 NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption

A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...

CVE-2026-5474 NASA cFS CCSDS Packet Header to_lab_passthru_encode.c CFE_MSG_GetSize heap-based overflow

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

PT-2026-30208

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE TBL ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe tbl passthru codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told...

EUVD-2025-8100

Malicious code in bioql PyPI...

EUVD-2025-8090

Malicious code in bioql PyPI...

EUVD-2025-8098

Malicious code in bioql PyPI...

EUVD-2025-8103

Malicious code in bioql PyPI...

CVE-2025-25371

NASA cFS Core Flight System Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the system...

CVE-2025-25374

In NASA cFS Core Flight System Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service...

CVE-2025-25374

In NASA cFS Core Flight System Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service...

CVE-2025-25371

NASA cFS Core Flight System Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the system...

CVE-2025-25372

NASA cFS Core Flight System Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module...

PT-2025-12829

Name of the Vulnerable Software and Affected Versions NASA cFS Core Flight System Aquila affected versions not specified Description The Memory Management Module of NASA cFS Core Flight System Aquila has insecure permissions, which can be exploited to gain remote code execution RCE on the platfor...

CVE-2025-25374

Technical details about CVE-2025-25374 are not publicly available in the provided connected documents. Monitor for updates if more specifics on affected products, impact, and fixes are released.

CVE-2025-25372

CVE-2025-25372 affects NASA cFS (Core Flight System) Aquila. A malicious telecommand can trigger a segmentation fault in the Memory Management Module, potentially causing memory corruption and availability impact. The NVD entry lists CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH)....

CVE-2025-25373

The Memory Management Module of NASA cFS Core Flight System Aquila has insecure permissions, which can be exploited to gain an RCE on the platform...

CVE-2025-25374

In NASA cFS Core Flight System Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service...

CVE-2025-25373

The CVE-2025-25373 entry concerns the Memory Management Module of NASA cFS (Core Flight System) Aquila, which has insecure permissions that can be exploited to achieve remote code execution on the platform. The vulnerability impacts the Aquila component and its memory management functions as desc...