CVE-2026-24845

CVE-2026-24845 affects the malcontent tool. The advisory describes that versions prior to 1.20.3 (starting with 0.10.0) could exfiltrate Docker registry credentials when scanning certain OCI image references. The vulnerability stems from malcontent using google/go-containerregistry for OCI image ...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow when parsing a CMS AuthEnvelopedData message. An attacker can trigger a crash by supplying AEAD ciphers such as AES-GCM with malicious initialization vectors. These are encoded in the ASN.1 parameters and...

CVE-2025-15467 Stack buffer overflow in CMS (Auth)EnvelopedData parsing

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

SUSE CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

Advisory ROSA-SA-2026-3116

software: pgbouncer 1.25.1 OS: ROSA-CHROME unaffected versions = pgbouncer-1.25.1-1 affected versions pgbouncer-1.25.1-1 CVE-ID: CVE-2025-12819 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Arbitrary SQL execution vulnerability in PgBouncer in authquery handler: an unauthenticated attacker could execute...

CVE-2025-59100 Unauthenticated Access to the SQLite Database in dormakaba access manager

The web interface offers a functionality to export the internal SQLite database. After executing the database export, an automatic download is started and the device reboots. After rebooting, the exported database is deleted and cannot be accessed anymore. However, it was noticed that sometimes t...

PT-2026-4632

Name of the Vulnerable Software and Affected Versions DigitalOcean Droplet Agent versions through 1.3.2 Description A command injection issue exists due to inadequate input validation when processing metadata from the metadata service endpoint. Specifically, the troubleshooting actioner component...

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

CVE-2026-22992

In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from monhandleauthdone Currently any error from cephauthhandlereplydone is propagated via finishauth but isn't returned from monhandleauthdone. This results in higher layers learning that despite...

AZL-78473 CVE-2026-22992 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from monhandleauthdone Currently any error from cephauthhandlereplydone is propagated via finishauth but isn't returned from monhandleauthdone. This results in higher layers learning that despite...

CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

UBUNTU-CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

CVE-2026-22992

In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from monhandleauthdone Currently any error from cephauthhandlereplydone is propagated via finishauth but isn't returned from monhandleauthdone. This results in higher layers learning that despite...

CVE-2026-22984

CVE-2026-22984 affects the Linux kernel libceph path (handle_auth_done) and is resolved by an explicit bounds check on payload_len to prevent out-of-bounds reads. Upstream patch exists and has been incorporated in newer kernel releases (e.g., 6.6.130 per Mageia advisory); vendors: update to a ker...

OESA-2026-1190 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an...

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

Linux Distros Unpatched Vulnerability : CVE-2026-22992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: return the handler error from monhandleauthdone Currently any error from cephauthhandlereplydone is propagated via finishauth but isn't returned from...