4179 matches found

OSV | added yesterday

GHSA-F5WC-C3C7-36MC golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent, constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

CVSS 9.1 | AI score 5.9 | EPSS 0.00397
Exploits 0 | References 6
EUVD | added yesterday

EUVD-2026-31390

golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys...

CVSS 9.1 | AI score 5.8 | EPSS 0.00397
Exploits 0 | References 6
OSV | added yesterday

GHSA-JPPX-RXG9-JMRX golang.org/x/crypto/ssh/agent doesn't enforce invoking key constraints

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

CVSS 9.1 | AI score 5.8 | EPSS 0.0036
Exploits 0 | References 7
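The two golang.org/x/crypto/ssh/agent advisories above share one root cause: a constraint the caller attached to a key was accepted and then dropped, once on the forwarding path (the extension constraint was never put on the wire) and once in the in-memory keyring (ConfirmBeforeUse was stored but never checked). The following is an added example, not code from golang.org/x/crypto or OpenSSH: a small model of the agent constraint list with a round-trip check that catches the first bug, and a keyring that fails closed on constraints it cannot enforce instead of silently forgetting them. Constraint type values are the ssh-agent protocol ones (LIFETIME = 1, CONFIRM = 2, EXTENSION = 255); key IDs and extension contents are constructed.

```python
"""Added example, not code from golang.org/x/crypto/ssh/agent or OpenSSH: a minimal
model of ssh-agent key constraints reproducing the two failure modes in the advisories
and the checks that catch them.  Constraint type values follow the ssh-agent protocol
(SSH_AGENT_CONSTRAIN_LIFETIME = 1, SSH_AGENT_CONSTRAIN_CONFIRM = 2,
SSH_AGENT_CONSTRAIN_EXTENSION = 255); key IDs and extension contents are constructed."""
import struct
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Tuple

SSH_AGENT_CONSTRAIN_LIFETIME = 1
SSH_AGENT_CONSTRAIN_CONFIRM = 2
SSH_AGENT_CONSTRAIN_EXTENSION = 255
RESTRICT_DESTINATION = "restrict-destination-v00@openssh.com"


def ssh_string(b: bytes) -> bytes:
    """SSH wire 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def read_string(buf: bytes, i: int) -> Tuple[bytes, int]:
    n = struct.unpack_from(">I", buf, i)[0]
    i += 4
    return buf[i:i + n], i + n


@dataclass
class Constraints:
    lifetime: int = 0                                            # seconds, 0 = none
    confirm: bool = False                                        # ConfirmBeforeUse
    extensions: Dict[str, bytes] = field(default_factory=dict)   # name -> contents


def encode_constraints(c: Constraints, include_extensions: bool = True) -> bytes:
    """Serialize the constraint list appended to SSH_AGENTC_ADD_IDENTITY_CONSTRAINED.
    include_extensions=False models the pre-fix forwarding path, which re-sent the
    key but left extension constraints such as restrict-destination off the wire."""
    out = b""
    if c.lifetime:
        out += bytes([SSH_AGENT_CONSTRAIN_LIFETIME]) + struct.pack(">I", c.lifetime)
    if c.confirm:
        out += bytes([SSH_AGENT_CONSTRAIN_CONFIRM])
    if include_extensions:
        for name, contents in c.extensions.items():
            out += (bytes([SSH_AGENT_CONSTRAIN_EXTENSION])
                    + ssh_string(name.encode()) + ssh_string(contents))
    return out


def decode_constraints(buf: bytes) -> Constraints:
    """Parse a constraint list; an unknown constraint type is an error (fail closed)."""
    c, i = Constraints(), 0
    while i < len(buf):
        t, i = buf[i], i + 1
        if t == SSH_AGENT_CONSTRAIN_LIFETIME:
            c.lifetime = struct.unpack_from(">I", buf, i)[0]
            i += 4
        elif t == SSH_AGENT_CONSTRAIN_CONFIRM:
            c.confirm = True
        elif t == SSH_AGENT_CONSTRAIN_EXTENSION:
            name, i = read_string(buf, i)
            contents, i = read_string(buf, i)
            c.extensions[name.decode()] = contents
        else:
            raise ValueError(f"unknown constraint type {t}")
    return c


def constraints_preserved(sent: Constraints, forwarded: bytes) -> bool:
    """Round-trip check for a forwarding agent: everything the client attached must
    come back out of the bytes the agent actually put on the wire."""
    return decode_constraints(forwarded) == sent


class Keyring:
    """In-memory agent.  strict=True refuses constraints it cannot enforce (the fixed
    behaviour); strict=False stores the key and drops them (the behaviour the GHSA
    describes: ConfirmBeforeUse accepted, never enforced, caller never told)."""

    def __init__(self, confirm_cb: Optional[Callable[[str], bool]] = None,
                 strict: bool = True):
        self.confirm_cb = confirm_cb   # None: this agent has no way to prompt a user
        self.strict = strict
        self.keys: Dict[str, Constraints] = {}

    def add(self, key_id: str, c: Constraints) -> None:
        cannot_confirm = c.confirm and self.confirm_cb is None
        if self.strict and (cannot_confirm or c.extensions):
            raise ValueError("key carries constraints this agent cannot enforce; refusing it")
        if not self.strict:
            c = Constraints(lifetime=c.lifetime, confirm=c.confirm and not cannot_confirm)
        self.keys[key_id] = c

    def sign(self, key_id: str, data: bytes) -> bool:
        """True if the agent would sign `data` with key_id (signing itself is out of scope)."""
        c = self.keys[key_id]
        if c.confirm and not self.confirm_cb(key_id):
            return False   # constraint enforced: no confirmation, no signature
        return True
```

The check worth keeping from this is `constraints_preserved`: point it at the bytes a forwarding agent really emits and it fails the moment any constraint goes missing, which is exactly what a silently stripped destination restriction looks like on the wire.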
EUVD | added yesterday

EUVD-2026-31389

golang.org/x/crypto/ssh/agent doesn't enforce invoking key constraints...

CVSS 9.1 | AI score 5.8 | EPSS 0.0036
Exploits 0 | References 7
Cvelist | added yesterday

CVE-2026-55960 Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation

Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

CVSS 8.2
Exploits 0 | References 2
Debian CVE | added yesterday

CVE-2026-55960

Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

CVSS 8.2 | AI score 5.8
Exploits 0
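The point of CVE-2026-55960 is that a SubjectPublicKeyInfo and an X.509 certificate can both reach the certificate parser, and the parser has nothing to validate for the former. The gate has to be what the handshake negotiated, not what the peer chose to send. The following is an added example, not code from the affected library or any TLS stack: it tells the two DER shapes apart by structure and accepts a raw key only when RawPublicKey was negotiated for that peer and the key is pinned (a raw key has no chain, so it must be authenticated out of band, RFC 7250 section 6). Certificate type values are the IANA TLS Certificate Types (X509 = 0, RawPublicKey = 2); the payloads are constructed DER and the chain verifier is a stub.

```python
"""Added example, not code from the affected TLS library: gating acceptance of an
RFC 7250 Raw Public Key on what was actually negotiated.  Certificate type values are
the IANA TLS Certificate Types (X509 = 0, RawPublicKey = 2).  The DER payloads are
constructed (an Ed25519 SubjectPublicKeyInfo shape and a skeletal X.509-shaped
SEQUENCE) and verify_chain is a stand-in for real chain validation."""
from typing import Callable, Set, Tuple

X509, RAW_PUBLIC_KEY = 0, 2   # TLS CertificateType values (RFC 7250 / IANA registry)


class Rejected(Exception):
    pass


def der(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV, short or long-form length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def read_tlv(buf: bytes, i: int) -> Tuple[int, bytes, int]:
    """Decode one DER TLV at offset i; returns (tag, body, offset after it)."""
    tag, n = buf[i], buf[i + 1]
    i += 2
    if n & 0x80:
        k = n & 0x7F
        n = int.from_bytes(buf[i:i + k], "big")
        i += k
    return tag, buf[i:i + n], i + n


def classify_certificate_payload(data: bytes) -> str:
    """'x509' for Certificate ::= SEQUENCE { tbsCertificate SEQUENCE, signatureAlgorithm
    SEQUENCE, signatureValue BIT STRING }; 'spki' for SubjectPublicKeyInfo ::= SEQUENCE {
    algorithm SEQUENCE, subjectPublicKey BIT STRING }.  The second child's tag
    (SEQUENCE 0x30 vs BIT STRING 0x03) separates the two shapes."""
    tag, body, end = read_tlv(data, 0)
    if tag != 0x30 or end != len(data):
        raise Rejected("payload is not a single DER SEQUENCE")
    first_tag, _, j = read_tlv(body, 0)
    if first_tag != 0x30:
        raise Rejected("first element is not a SEQUENCE")
    second_tag, _, _ = read_tlv(body, j)
    if second_tag == 0x30:
        return "x509"
    if second_tag == 0x03:
        return "spki"
    raise Rejected("unrecognised certificate payload")


def accept_peer_identity(negotiated_type: int, payload: bytes,
                         verify_chain: Callable[[bytes], bool],
                         pinned_spki: Set[bytes]) -> str:
    """A raw key is acceptable only when RawPublicKey was negotiated for this peer AND
    the key is pinned; an SPKI arriving under an X509 negotiation is rejected rather
    than handed to the certificate parser, which would find no chain to validate."""
    kind = classify_certificate_payload(payload)
    if kind == "spki":
        if negotiated_type != RAW_PUBLIC_KEY:
            raise Rejected("raw public key received but RawPublicKey was not negotiated")
        if payload not in pinned_spki:
            raise Rejected("raw public key is not pinned for this peer")
        return "rpk-pinned"
    if negotiated_type != X509:
        raise Rejected("X.509 certificate received but X509 was not negotiated")
    if not verify_chain(payload):
        raise Rejected("chain validation failed")
    return "x509-chain-validated"


# Constructed payloads (not real keys): an Ed25519 SPKI and a skeletal X.509 shape.
ED25519_OID = der(0x06, bytes.fromhex("2b6570"))
RPK_PAYLOAD = der(0x30, der(0x30, ED25519_OID) + der(0x03, b"\x00" + b"\x11" * 32))
X509_PAYLOAD = der(0x30, der(0x30, der(0x02, b"\x02")) + der(0x30, ED25519_OID)
               + der(0x03, b"\x00" + b"\x22" * 64))
```

Classifying by structure is deliberate: both shapes begin with `0x30`, so a parser that only checks the outer tag cannot tell a bare key from a certificate, which is how an SPKI ends up "passing" a chain check that was never run.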
EUVD | added 2 days ago

EUVD-2026-38906

In the Linux kernel, the following vulnerability has been resolved: ima: Correctly create securityfs files for unsupported hash algos ima_tpm_chip->allocated_banks[i].crypto_id is initialized to HASH_ALGO__LAST if the TPM algorithm is not supported. However, there are places relying on the algorithm to be...

AI score 5.7 | EPSS 0.00168
Exploits 0 | References 5
NVD | added 4 days ago

CVE-2026-41479

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.10 and 1.7.1, Authlib's OAuth 2.0 authorization endpoint can be turned into an unauthenticated open redirect when a request uses an unsupported response_type and supplies an attacker-controlled redirect_uri. The...

CVSS 5.4 | EPSS 0.00155
Exploits 1 | References 2
CVE | added 4 days ago

CVE-2026-41479

Authlib's OAuth 2.0 authorization endpoint is vulnerable to an unauthenticated open redirect when an unsupported response_type is requested and an attacker-controlled redirect_uri is supplied. This occurs before client lookup and any redirect_uri validation, allowing a single request to yield a 30...

CVSS 5.4 | AI score 6 | EPSS 0.00155
Exploits 1 | References 2 | Affected Software 1
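CVE-2026-41479 is an ordering bug: the unsupported response_type error is produced, and delivered by redirect, before the server has established that redirect_uri belongs to a known client. The following is an added example, not Authlib's code: a toy authorization endpoint in the vulnerable order and in the corrected order, applying the RFC 6749 section 4.1.2.1 rule that on a missing, invalid or mismatching redirect_uri (or an unknown client) the server shows the error itself and must not redirect to that URI. The client registry, request dicts and issued code are constructed.

```python
"""Added example, not Authlib's code: a toy OAuth 2.0 authorization endpoint showing the
ordering bug described for CVE-2026-41479 and the corrected ordering.  The client
registry, the request dicts and the issued code are constructed.  Rule applied in the
fixed version: RFC 6749 section 4.1.2.1, do not redirect to an unvalidated redirect_uri."""
from typing import Dict, Optional, Set, Tuple
from urllib.parse import urlencode, urlsplit

SUPPORTED_RESPONSE_TYPES = {"code"}
# Constructed client registry: client_id -> redirect URIs registered for it.
CLIENTS: Dict[str, Set[str]] = {"app-1": {"https://app.example/cb"}}

Response = Tuple[int, Dict[str, str]]


def error_redirect(uri: str, error: str, state: Optional[str] = None) -> Response:
    q = {"error": error}
    if state:
        q["state"] = state
    return 302, {"Location": f"{uri}?{urlencode(q)}"}


def authorize_vulnerable(params: Dict[str, str]) -> Response:
    """Pre-fix flow: response_type is validated first and the error is 'delivered' by
    redirecting to whatever redirect_uri arrived, before the client is even looked up.
    One unauthenticated GET therefore yields a 302 to an attacker-chosen host."""
    if params.get("response_type") not in SUPPORTED_RESPONSE_TYPES:
        return error_redirect(params.get("redirect_uri", ""),
                              "unsupported_response_type", params.get("state"))
    client = CLIENTS.get(params.get("client_id", ""))
    uri = params.get("redirect_uri")
    if client is None or uri not in client:
        return 400, {"error": "invalid_request"}
    return 302, {"Location": f"{uri}?{urlencode({'code': 'constructed-code'})}"}


def authorize_fixed(params: Dict[str, str]) -> Response:
    """Fixed flow: establish that redirect_uri is a registered URI of a known client
    before anything, including error delivery, is allowed to redirect there."""
    client = CLIENTS.get(params.get("client_id", ""))
    if client is None:
        return 400, {"error": "invalid_client"}       # rendered to the user, never redirected
    uri = params.get("redirect_uri")
    if uri not in client:                             # exact string match against registration
        return 400, {"error": "invalid_request"}      # rendered to the user, never redirected
    if params.get("response_type") not in SUPPORTED_RESPONSE_TYPES:
        return error_redirect(uri, "unsupported_response_type", params.get("state"))
    return 302, {"Location": f"{uri}?{urlencode({'code': 'constructed-code'})}"}


def redirect_host(resp: Response) -> str:
    """Host the user agent would be sent to, or '' when the response is not a redirect."""
    status, headers = resp
    if status != 302:
        return ""
    return urlsplit(headers["Location"]).hostname or ""
```

The comparison in `authorize_fixed` is an exact string match against the registered value; prefix or substring matching would reopen the same hole through a registered URI that happens to be a prefix of the attacker's.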
EUVD | added 4 days ago

EUVD-2026-38278

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply su...

CVSS 5.9 | AI score 6.1 | EPSS 0.00406
Exploits 0 | References 2
CVE | added 4 days ago

CVE-2026-12725

CVE-2026-12725 affects dnsmasq. The flaw is a heap-based buffer overflow in the log_query() path when DNSSEC validation and query logging are both enabled and DNS responses contain DS/DNSKEY records with unsupported algorithm or digest types. This can cause dnsmasq to write past the end of an int...

CVSS 5.9 | AI score 6.1 | EPSS 0.00406
Exploits 0 | References 2
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel before version 4.8, the usb_parse_endpoint function in drivers/usb/core/config.c did not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier...

CVSS 8.4 | AI score 6.2 | EPSS 0.00238
Exploits 0 | References 2
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .module_info field will not be set. As a result, sof_ipc4_route_setup() will cause a kernel error when attempting to...

AI score 5.2 | EPSS 0.00156
Exploits 0 | References 1
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we attempt to add an IPv6 nexthop parameter, and IPv6 is not enabled (!CONFIG_IPV6), we encounter a NULL pointer dereference in the error path of nh_create_ipv6...

CVSS 5.5 | AI score 5.9 | EPSS 0.00207
Exploits 0 | References 2
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer, which triggers the...

CVSS 5.5 | AI score 5.9 | EPSS 0.00136
Exploits 0 | References 2
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: Rejects inodes of an unsupported type on the disk Syzbot has reported the following bug: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

CVSS 5.5 | AI score 6.3 | EPSS 0.00219
Exploits 0 | References 2
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability in libxml2

It was discovered that Xmlsoft Libxml2 v2.11.0 contains an out-of-bounds read vulnerability through the xmlSAX2StartElement function located at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by providing a crafted XML file. NOTE: the vendor's position is tha...

CVSS 6.5 | AI score 6.6 | EPSS 0.00667
Exploits 1 | References 2
AstraLinux | added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Avoid NULL dereferencing when a problematic packet is received on an unsupported 6 GHz band. There is a very rare chance that the RX report might be problematic, causing the software to assume that a packet was...

CVSS 5.5 | AI score 5.4 | EPSS 0.00145
Exploits 0 | References 2
Cvelist | added 2026/06/17 9:18 p.m.

CVE-2026-50196 Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...

CVSS 7.5 | EPSS 0.00339
Exploits 0 | References 3
CVE | added 2026/06/17 9:18 p.m.

CVE-2026-50196

CVE-2026-50196 – Steeltoe.Discovery.Eureka : In Steeltoe.Discovery.Eureka before versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws an ArgumentException for any DataCenterInfo.name other than MyOwn, Amazon, or Netflix, causing the registry deserialization to fail and the cache refresh to sw...

CVSS 7.5 | AI score 5.4 | EPSS 0.00339
Exploits 0 | References 3
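The Steeltoe entry is an availability failure of a familiar shape: one instance in the registry document carries a DataCenterInfo.name the parser does not recognize, the deserializer throws, and the client loses the entire fetch rather than one instance. The following is an added example, not Steeltoe's code: a Eureka-style registry parser in the strict form that fails the whole document and a tolerant form that isolates failures to the instance that caused them and reports the skips. The registry JSON is constructed (the "Azure" name is an invented example of an unrecognized value), and the known names are the three the CVE text lists.

```python
"""Added example, not Steeltoe's code: a Eureka-style registry parser in two variants,
showing how one unrecognized DataCenterInfo.name becomes a total loss of service
discovery when it is treated as fatal for the whole document, and the per-instance
error isolation that avoids that.  The registry document is constructed (the name
"Azure" is an invented unrecognized value); KNOWN_DATACENTERS is the three names the
CVE text mentions."""
import json
from typing import Dict, List, Tuple

KNOWN_DATACENTERS = {"MyOwn", "Amazon", "Netflix"}


class RegistryParseError(Exception):
    pass


def _instance(app_name: str, inst: dict, strict_dc: bool) -> Dict[str, str]:
    dc = inst["dataCenterInfo"].get("name")
    if dc not in KNOWN_DATACENTERS:
        if strict_dc:
            raise RegistryParseError(f"unknown DataCenterInfo.name {dc!r}")
        dc = f"unknown:{dc}"   # informational field: keep the instance, mark the value
    return {"app": app_name, "id": inst["instanceId"], "host": inst["hostName"], "dc": dc}


def parse_registry_strict(doc: str) -> List[Dict[str, str]]:
    """Pre-fix behaviour: the first bad instance raises and the caller gets nothing, so a
    cache refresh fails and every service address in the document is lost with it."""
    out = []
    for app in json.loads(doc)["applications"]["application"]:
        for inst in app["instance"]:
            out.append(_instance(app["name"], inst, strict_dc=True))
    return out


def parse_registry_tolerant(doc: str) -> Tuple[List[Dict[str, str]], List[Tuple[str, str]]]:
    """Confine each failure to the instance that caused it.  Returns what parsed plus a
    list of (instanceId, reason) so the skips are visible in logs rather than silent."""
    out, skipped = [], []
    for app in json.loads(doc)["applications"]["application"]:
        for inst in app["instance"]:
            try:
                out.append(_instance(app["name"], inst, strict_dc=False))
            except (KeyError, AttributeError, TypeError) as e:
                skipped.append((str(inst.get("instanceId")), f"malformed instance: {e!r}"))
    return out, skipped


# Constructed registry document: two healthy instances, one from an unrecognized data
# center, and one structurally broken entry with no dataCenterInfo at all.
REGISTRY_DOC = json.dumps({"applications": {"application": [
    {"name": "PAYMENTS", "instance": [
        {"instanceId": "pay-1", "hostName": "10.0.0.11",
         "dataCenterInfo": {"@class": "com.netflix.appinfo.InstanceInfo$DefaultDataCenterInfo",
                            "name": "MyOwn"}},
        {"instanceId": "pay-2", "hostName": "10.0.0.12",
         "dataCenterInfo": {"@class": "com.netflix.appinfo.InstanceInfo$DefaultDataCenterInfo",
                            "name": "Azure"}}]},
    {"name": "LEDGER", "instance": [
        {"instanceId": "led-1", "hostName": "10.0.0.21",
         "dataCenterInfo": {"@class": "com.netflix.appinfo.AmazonInfo", "name": "Amazon"}},
        {"instanceId": "led-broken", "hostName": "10.0.0.22"}]}]}})
```

Whether an unrecognized name should be kept and marked, as here, or mapped to a default is a project decision; the part that matters for availability is that the decision is made per instance and the rest of the registry survives.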