EUVD-2026-26683

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

CVE-2026-42485

CVE-2026-42485 affects AGL agl-service-can-low-level, specifically the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH) via memcpy at an offset of 1+pid_length, caus...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

Flipper Zero Firmware 安全漏洞

Flipper Zero Firmware is an open source firmware update and development tool for multifunctional devices from Flipper Devices. A security vulnerability exists in the Flipper Zero Firmware commit ad2a80 version, which originates from a stack overflow in the Main function...

PT-2026-36534

Name of the Vulnerable Software and Affected Versions Flipperzero firmware affected versions not specified Description A stack overflow exists in the Main function, which allows attackers to execute arbitrary code. This issue is currently being exploited in real-world incidents. Recommendations A...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to validate encsize when loading LTK in the Bluetooth MGMT protocol, which could result in a stack...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

Unified Diagnostic Services Support Library in C 安全漏洞

Unified Diagnostic Services Support Library in C is an automotive electronic diagnostic protocol support library by a personal developer, Laughing with the Wind. Unified Diagnostic Services Support Library in C has a security vulnerability that originates from a stack buffer overflow in the...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

CVE-2026-30363

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

CVE-2026-42482

A stack-based buffer overflow in mangletohexlower and mangletohexupper in src/rpcpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password candidates of 128 or more...

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

CVE-2026-30363

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

Apache Neethi 资源管理错误漏洞

Apache Neethi is a policy processing framework library developed by the Apache Foundation. There is a resource management vulnerability in Apache Neethi; this vulnerability stems from an improper detection of circular references in policy definitions. This can cause the policy normalization proce...

PT-2026-36413

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.31-rc1 and later affected versions not specified Description A stack out-of-bounds read exists in the ALSA caiaq component within the init card function. The issue occurs during the creation of a whitespace-stripped...

CVE-2026-37530

CVE-2026-37530 affects AGL’s agl-service-can-low-level up to version 17.1.12. The uds-c library contains a stack buffer overflow in the send_diagnostic_request function: it allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH=7) ...

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

CVE-2026-42482

Hashcat CVE-2026-42482 affects v7.1.2, describing a stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c. The bound check does not account for 2x expansion when converting password bytes to hexadecimal, enabling a vulnerability that could allow denial of ...

CVE-2026-42482

A stack-based buffer overflow in mangletohexlower and mangletohexupper in src/rpcpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password candidates of 128 or more...