CVE-2026-43896

jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jvobjectmergerecursive allows a crafted jq program to crash the process with a segfault. The function is reachable through the operator when both operands are objects...

CVE-2026-4833

CVE-2026-4833 affects Orc discount up to 3.0.1.2, specifically the Markdown Handler's markdown.c compile function. The issue causes uncontrolled recursion when fed input such as an infinitely deep blockquote, leading to a local-execution crash. Public exploit availability exists, and the project ...

SUSE-SU-2026:20753-1 Security update for protobuf

This update for protobuf fixes the following issues: Security fixes: - CVE-2025-4565: Fixed parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that could lead to crash due to RecursionError bsc1244663. - CVE-2026-0994: Fixed google.protobuf.A...

Linux Distros Unpatched Vulnerability : CVE-2024-52980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the...

Globalscape Enhanced File Transfer 安全漏洞

Globalscape Enhanced File Transfer Globalscape EFT is a best-in-class Managed File Transfer MFT solution from Globalscape USA. A security vulnerability exists in Globalscape Enhanced File Transfer versions prior to 8.1.0.16 that stems from the presence of a denial-of-service vulnerability that...

Amazon Linux 2023 : systemd, systemd-container, systemd-devel (ALAS2023-2023-025)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-025 advisory. A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. CVE-2021-3997 A...