CVE-2026-9516

Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

CVE-2026-37229

FlexRIC v2.0.0 contains a reachable assertion in e2apcreatepdu triggered when ASN.1 PER decoding fails. A remote unauthenticated attacker can send any non-PER byte sequence e.g., a single 0x00 byte over SCTP to the near-RT RIC port 36421 or iApp port 36422 to crash the process via SIGABRT. The...

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

UBUNTU-CVE-2026-9516

BOM-shift PV-corruption SIGABRT...

CVE-2026-37225

FlexRIC v2.0.0 crashes when the iApp receives an E42RICSUBSCRIPTIONREQUEST with an empty ricEventTriggerDefinition field. The E42 layer decoder accepts this as valid, but the E2AP encoder asserts a non-empty constraint when forwarding the request. A remote unauthenticated attacker can crash the...

CVE-2026-37227

FlexRIC v2.0.0 contains reachable assert0 calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decodable E2AP PDU of such a type e.g., E2nodeConfigurationUpdate to crash the near-RT RIC process port...

CVE-2026-37228

FlexRIC v2.0.0 contains a reachable assertion in e2aprecvsctpmsg src/lib/ep/e2apep.c. The function allocates a fixed 32KB receive buffer and enforces assertrc = 32,768 bytes to crash the near-RT RIC, iApp, E2 Agent, or xApp process via SIGABRT. No valid E2AP PDU is required. All four SCTP endpoin...

CVE-2026-31870 cpp-httplib Affected by Remote Process Crash via Malformed Content-Length Response Header

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...

DEBIAN-CVE-2025-69654

A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

CVE-2024-54129 Improper Initialization of `imc` Scheme Leading to `SIGABRT` in ION-DTN BPv7

The NASA’s Interplanetary Overlay Network ION is an implementation of Delay/Disruption Tolerant Networking DTN. A vulnerability exists in the version ION-DTN BPv7 implementation version 4.1.3 when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part SSP...

DEBIAN-CVE-2024-26369

An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads to a SIGABRT signal abort upon receiving DataWriter's data...

eProsima Fast DDS Security Vulnerability

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS that stems from a possible signal abort when receiving data...

PT-2024-21371 · Fastdds +1 · Fastdds +1

Name of the Vulnerable Software and Affected Versions: FastDDS versions 2.6.x through 2.12.x Description: An issue in the HistoryQosPolicy component of FastDDS leads to a SIGABRT signal abort upon receiving DataWriter's data. Recommendations: For versions 2.6.x through 2.12.x, consider disabling...

PYSEC-2020-122

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

PYSEC-2020-314

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

UBUNTU-CVE-2018-17236

The function MP4Free in mp4property.cpp in libmp4v2 2.1.0 internally calls free on a invalid pointer, raising a SIGABRT signal...

PYSEC-2018-126

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call...

CVE-2018-9145

In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the...