CLSA-2026-1779579653 thunderbird: Fix of 4 CVEs

CVE-2024-0742: assertion failure in nsPresContext::UserInputEventsAllowed Document::SetIsInitialDocument sticky-bit - CVE-2025-2830: path traversal via malformed attachment filename in multipart message directory guard in MimePart.fetchAttachment + mimedrft.cpp - CVE-2025-3909: predictable...

PT-2026-43124

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

GNU LibreDWG 安全漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A security vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a reachable assertion in the decompressR2004section function of the src/decode.c file in the Dwgread Utili...

samlify: XML Injection in AttributeValue Allows Privilege Escalation in Signed SAML Assertions

Summary samlify’s template substitution only escapes attribute contexts. Values inserted into element text e.g., are not escaped. A normal user can inject XML markup into an attribute value e.g., email, name and add new elements inside the signed assertion. The IdP then signs the tampered asserti...

PT-2026-42587

Summary samlify’s template substitution only escapes attribute contexts. Values inserted into element text e.g., are not escaped. A normal user can inject XML markup into an attribute value e.g., email, name and add new elements inside the signed assertion. The IdP then signs the tampered asserti...

PT-2026-42665

Summary samlify’s template substitution only escapes attribute contexts. Values inserted into element text e.g., are not escaped. A normal user can inject XML markup into an attribute value e.g., email, name and add new elements inside the signed assertion. The IdP then signs the tampered asserti...

EUVD-2026-31203

authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...

ALPINE-CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

EUVD-2026-31107

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

CVE-2026-5946 Invalid handling of CLASS != IN

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

keycloak: Keycloak: Denial of Service via specially crafted SAML input

A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language SAML endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service DoS where the server becomes...

Astra Linux - уязвимость в libstb

stbimage.h also known as the stb image loader, version 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

Astra Linux - уязвимость в bind9

In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record that...

Astra Linux - уязвимость в redis

Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command specifically, a SET command. NOTE: this issue was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have any safety guarantees related to...

Astra Linux - уязвимость в avahi

A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion in the avahirdataparse function...

Astra Linux - уязвимость в bind9

In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions of BIND 9 Supported Preview Edition such as 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1, as well as the release version 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a...

Astra Linux - уязвимость в tinyxml

In the TiXmlDeclaration::Parse method in tinyxmlparser.cpp within TinyXML, up to version 2.6.2, there is a potentially exploitable assertion which can lead to application exit. This issue occurs when a malicious XML document is used, where a null character \0 is placed after a whitespace...

Astra Linux - уязвимость в openldap

In OpenLDAP versions 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function due to a malicious packet. This leads to a denial of service daemon exits caused by a short timestamp. This issue is related to the schemainit.c file and the...