10791 matches found
CVE-2026-23263
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array leak. d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed a page leakage but didn't free the page array, release it as well...
GHSA-QPXP-75PX-XJCP pypdf has inefficient decoding of array-based streams
Impact: An attacker who uses this vulnerability can craft a PDF which leads to long runtimes and/or large memory usage. This requires accessing an array-based stream with lots of entries. Patches: This has been fixed in pypdf==6.9.1. Workarounds: If you cannot upgrade yet, consider applying the...
Inefficient Algorithmic Complexity
Overview: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the decoding process of array-based streams. An attacker can cause excessive resource...
pypdf has inefficient decoding of array-based streams
Impact: An attacker who uses this vulnerability can craft a PDF which leads to long runtimes and/or large memory usage. This requires accessing an array-based stream with lots of entries. Patches: This has been fixed in pypdf==6.9.1. Workarounds: If you cannot upgrade yet, consider applying the...
OSV-2026-417 Segv on unknown address in arrow::Array::IsNull
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=493063924 Crash type: Segv on unknown address Crash state: arrow::Array::IsNull arrow::Status arrow::VisitArrayInline arrow::ArrayPrinter::Print...
HTSlib Security Vulnerability
HTSlib is a C-language library developed by samtools. Versions of HTSlib prior to 1.23.1, 1.22.2, and 1.21.1 have security vulnerabilities. These vulnerabilities stem from the cram_byte_array_len_decode function not verifying the amount of data, which may lead to heap buffer overflows or stack...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the JsonBeanPropertyBinder::expandArrayToThreshold function of the form-urlencoded body binding process. An attacker can cause sustained CPU usage and unbounded memory growth,...
GHSA-43W5-MMXV-CPVH Micronaut vulnerable to DoS via crafted form-urlencoded body binding with descending array indices
JsonBeanPropertyBinder::expandArrayToThreshold in io.micronaut:micronaut-json-core before Micronaut 4 4.10.16 and in Micronaut 3 before 3.10.5 does not correctly handle descending array index order during form-urlencoded body binding, which allows remote attackers to cause a denial of service...
SUSE CVE-2025-71264
Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service (client crash)...
PT-2026-26180
JsonBeanPropertyBinder::expandArrayToThreshold in io.micronaut:micronaut-json-core before Micronaut 4 4.10.16 and in Micronaut 3 before 3.10.5 does not correctly handle descending array index order during form-urlencoded body binding, which allows remote attackers to cause a denial of service...
Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics
Summary: Multiple vulnerabilities were addressed in IBM Planning Analytics Local. Vulnerability Details: CVEID: CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules allows HTTP DoS. This issue affects qs: 6.14.1. Summary: The arrayLimit option in qs did not enforce...
EUVD-2026-12510
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to handle incorrectly reported array lengths, which allows a malicious user to cause OOM errors and crash the server via sending corrupted msgpack frames within websocket messages to calls plugin. Mattermost Advisory ID:...
CVE-2026-2454
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to handle incorrectly reported array lengths, which allows a malicious user to cause OOM errors and crash the server via sending corrupted msgpack frames within websocket messages to calls plugin. Mattermost Advisory ID:...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read via the Unmarshal, UnmarshalAsMap, UnmarshalAsArray, and Marshal functions, which invoke Decode. An attacker can cause a panic with truncated fixext data that triggers an out-of-bounds read. Note: This vulnerability i...
CVE-2025-71264
An out-of-bounds array access flaw has been discovered in the Mumble VoIP client. In certain situations, decoding of Opus-encoded audio can attempt to access an array with an invalid index. This may result in a program crash. Mitigation: Mitigation for this issue is either not available or the...
CVE-2025-71264
Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service (client crash)...
CVE-2025-71264
CVE-2025-71264 affects Mumble prior to 1.6.870, where an out-of-bounds array access can cause a denial of service (client crash). The description in both the CVE and the CVE List repeats this issue. The provided documents do not specify the root cause codepath, exact vulnerable component, or conc...