CVE-2026-49461

CVE-2026-49461 affects the Python PDF library pypdf . The vulnerability occurs before version 6.12.2 and lets an attacker craft a PDF whose page contains a form XObject with self-references, causing large memory usage during text extraction. Impact is memory-related and can affect systems process...

PT-2026-49730

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.12.2 Description A flaw in the pure-python PDF library allows an attacker to craft a PDF that causes excessive memory consumption. This occurs when extracting text from a page containing a form XObject a reusable PDF...

Astra Linux – Vulnerability in libxml2

A flaw was discovered in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function, where an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by...

EUVD-2025-209582

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

CLSA-2026-1775731413 libxml2: Fix of 8 CVEs

CVE-2023-45322: fix use-after-free in xmlStaticCopyNodeList when copying DTDs - CVE-2024-34459: fix buffer over-read in xmlHTMLPrintFileContext in xmllint - CVE-2025-6170: fix potential buffer overflows in xmllint interactive shell - CVE-2025-8732: fix stack overflow from self-referencing SGML...

Security update for grafana

This update for grafana fixes the following issues: Security issues fixed: CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 CVE-2026-21720: Fixed...

OESA-2026-1598 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : libxml2 vulnerabilities (USN-7974-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7974-1 advisory. It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog...

USN-7974-1 libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog files. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. CVE-2025-8732 It was discovered that libxml2 incorrectly handled recursive include...

CVE-2026-0990

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

EUVD-2026-2797

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the xmlCatalogXMLResolveURI function when processing XML catalogs containing self-referencing delegate URI entries. An attacker can cause affected applications to crash by supplying a specially crafted XML...

Linux Distros Unpatched Vulnerability : CVE-2026-0990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalo...

PT-2026-3018

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description An uncontrolled recursion issue exists in libxml2, an XML parsing library, specifically within the xmlCatalogXMLResolveURI function. This occurs when an XML catalog includes a delegate URI...

EUVD-2017-18280

Malware in sbrugna...

EUVD-2006-4506

Malware in sbrugna...

Guest OS File Restore Fails on Self-Referencing Junction Points

Challenge Using Guest OS File Restore to restore a folder containing a junction point that redirects back to the initial folder fails with the error: Win32 error:The name of the file cannot be resolved by the system. Code: 1921 For example, attempting to restore a user's AppData folder the restor...

PYSEC-2024-118

A Denial-of-Service DoS vulnerability exists in the SitemapLoader class of the langchain-ai/langchain repository, affecting all versions. The parsesitemap method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the...

LangChain Resource Management Error Vulnerability

LangChain is the LangChain open source framework for developing applications powered by the Large Language Model LLM. A resource management error vulnerability exists in LangChain because the parsesitemap method, which is responsible for parsing the sitemap and extracting the URL, lacks a mechani...

SUSE CVE-2024-26750

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop oobskb ref before purging queue in GC. syzbot reported another task hung in unixgc. 0 The current while loop assumes that all of the left candidates have oobskb and calling kfreeskboobskb releases the remaining...