CVE-2026-2771 Undefined behavior in the DOM: Core & HTML component

Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2771

Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2771

CVE-2026-2771 is an undefined-behavior vulnerability in the DOM: Core & HTML component of Mozilla Firefox/Thunderbird family that was fixed in Firefox 148, Firefox ESR 115.33 and 140.8, Thunderbird 148 and 140.8. The issue is reported across multiple advisories (Astra Linux bulletin and Amazon Li...

CVE-2026-2771

Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2771 Undefined behavior in the DOM: Core & HTML component

Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

EUVD-2026-8493

Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8...

CVE-2026-2771

Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products that...

Mozilla -- Undefined behavior in the DOM: Core & HTML component

https://bugzilla.mozilla.org/showbug.cgi?id=2014593 reports: Undefined behavior in the DOM: Core & HTML component...

filippo.io/edwards25519 MultiScalarMult produces invalid results or undefined behavior if receiver is not the identity

Point.MultiScalarMult failed to initialize its receiver. If the method was called on an initialized point that is not the identity point, MultiScalarMult produced an incorrect result. If the method was called on an uninitialized point, the behavior was undefined. In particular, if the receiver wa...

GHSA-FW7P-63QQ-7HPR filippo.io/edwards25519 MultiScalarMult produces invalid results or undefined behavior if receiver is not the identity

Point.MultiScalarMult failed to initialize its receiver. If the method was called on an initialized point that is not the identity point, MultiScalarMult produced an incorrect result. If the method was called on an uninitialized point, the behavior was undefined. In particular, if the receiver wa...

PT-2026-20785

Name of the Vulnerable Software and Affected Versions filippo.io/edwards25519 versions 1.1.0 and earlier Description The filippo.io/edwards25519 Go library, used for edwards25519 elliptic curve cryptography, has an issue where the MultiScalarMult function produces incorrect results or undefined...

CVE-2026-25541

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

AZL-78615 CVE-2026-25541 affecting package trident 0.21.0-1

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

CVE-2026-25541

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

GHSA-J39J-6GW9-JW6H git2 has potential undefined behavior when dereferencing Buf struct

If the Buf struct is dereferenced immediately after calling new or default on the Buf struct, a null pointer is passed to the unsafe function slice::fromrawparts. According to the safety section documentation of the function, data must be non-null and aligned even for zero-length slices or slices...

git2 has potential undefined behavior when dereferencing Buf struct

If the Buf struct is dereferenced immediately after calling new or default on the Buf struct, a null pointer is passed to the unsafe function slice::fromrawparts. According to the safety section documentation of the function, data must be non-null and aligned even for zero-length slices or slices...

GHSA-434X-W66G-QW3R bytes has integer overflow in BytesMut::reserve

Details In the unique reclaim path of BytesMut::reserve, the condition rs if vcapacity = newcap + offset uses an unchecked addition. When newcap + offset overflows usize in release builds, this condition may incorrectly pass, causing self.cap to be set to a value that exceeds the actual allocated...

RUSTSEC-2026-0007 Integer overflow in `BytesMut::reserve`

In the unique reclaim path of BytesMut::reserve, the condition rs if vcapacity = newcap + offset uses an unchecked addition. When newcap + offset overflows usize in release builds, this condition may incorrectly pass, causing self.cap to be set to a value that exceeds the actual allocated capacit...

Integer overflow in `BytesMut::reserve`

In the unique reclaim path of BytesMut::reserve, the condition rs if vcapacity = newcap + offset uses an unchecked addition. When newcap + offset overflows usize in release builds, this condition may incorrectly pass, causing self.cap to be set to a value that exceeds the actual allocated capacit...