Security Bulletin: IBM Maximo Application Suite - Predict Component component uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to this CVE-2026-30922
Summary: IBM Maximo Application Suite - Predict Component was using vulnerable library pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922. This bulletin contains information addressing the vulnerability. Vulnerability Details: CVEID: CVE-2026-30922. DESCRIPTION: pyasn1 is a generic...
Uncontrolled Recursion
Axios is vulnerable to uncontrolled recursion. The vulnerability is due to the toFormData function recursively processing deeply nested objects without a depth limit, which allows an attacker to supply specially crafted input that triggers a stack overflow and crashes the Node.js process...
CVE-2026-5408
CVE-2026-5408 describes an uncontrolled recursion causing a crash in Wireshark’s BT-DHT protocol dissector. Affected versions are Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, with impact listed as denial of service. The connected documents provide the vulnerability name, affected versions, and the exp...
CVE-2026-5408 Uncontrolled Recursion in Wireshark
BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-5406
Wireshark contains CVE-2026-5406: an Uncontrolled Recursion in the FC-SWILS protocol dissector that crashes the app, enabling a denial of service. Affected versions are Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14. The issue is tied to the FC-SWILS dissector specifically; exploitation details are not p...
CVE-2026-5406 Uncontrolled Recursion in Wireshark
FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-5299
Wireshark vulnerability CVE-2026-5299 affects the ICMPv6 PvD protocol dissector in Wireshark versions 4.6.0–4.6.4 and 4.4.0–4.4.14. The issue is an uncontrolled recursion that allows a denial of service via the dissector crash. No exploitation details are provided in the connected documents, and ...
CVE-2026-5401 Uncontrolled Recursion in Wireshark
AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-5401
CVE-2026-5401 affects Wireshark’s AFP Spotlight protocol dissector. The vulnerability is described as an Uncontrolled Recursion that crashes the dissector in Wireshark versions 4.6.0–4.6.4 and 4.4.0–4.4.14, resulting in a denial of service. Root cause stated in the title is uncontrolled recursion...
CVE-2026-41606
A flaw was found in Apache Thrift. An uncontrolled recursion vulnerability exists, which could allow a remote attacker to trigger a Denial of Service (DoS) condition. This occurs when the affected component processes specially crafted input, leading to excessive resource consumption and system...
SUSE CVE-2026-41636
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Json-smart
Summary: A vulnerability has been identified in the Json-smart library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details: CVEID: CVE-2023-1370. DESCRIPTION: Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON...
BIT-THRIFT-2026-41606 Apache Thrift: c_glib dispatch stack overflow
Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
NPM: Apache Thrift Node.js bindings vulnerable to Uncontrolled Recursion
NPM: Apache Thrift Node.js bindings vulnerable to Uncontrolled Recursion vulnerability discovered by ? in WordPress Npm thrift versions 0.23.0...
GHSA-R67J-R569-JRWP Apache Thrift Node.js bindings vulnerable to Uncontrolled Recursion
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Apache Thrift Node.js bindings vulnerable to Uncontrolled Recursion
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Uncontrolled Recursion
Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion due to uncontrolled recursion in the skip function. An attacker can cause a stack overflow and potentially crash the application by sending specially crafted input that triggers deep recursion. Remediation: Upgrade...
Uncontrolled Recursion
Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion due to uncontrolled recursion in the dispatch process. An attacker can cause a stack overflow and potentially crash the application by sending specially crafted input that triggers excessive recursive calls...
DEBIAN-CVE-2026-41606
Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...