CVE-2024-6858 In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.

In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN...

PT-2026-46392

Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description When operating in 802.1X mode, multi-auth unauthenticated hosts may be granted unauthorized access to a switch port if an EAPOL Extensible Authentication Protocol over LAN capable device i...

PT-2026-45833

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions prior to 2026.2.3 Description The SAML source response processor ResponseProcessor.parse fails to validate the Conditions element on assertions. Specifically, NotBefore, NotOnOrAfter, an...

CVE-2026-3039

CVE-2026-3039 affects BIND 9.x when TKEY-based authentication via GSS-API tokens is used; the issue is a memory-exhaustion vulnerability triggered by malicious packets in Active Directory/Kerberos DNS setups. Affected versions span 9.0.0–9.16.50, 9.18.0–9.18.48, 9.20.0–9.20.22, 9.21.0–9.21.21, pl...

Astra Linux - уязвимость в wpa

Implementations of EAP-pwd in hostapd before version 2.10 and wpasupplicant before version 2.10 are vulnerable to side-channel attacks due to cache access patterns. NOTE: This issue exists because of an incomplete fix for CVE-2019-9495...

Exploit for CVE-2026-35333

CVE-2026-35333 strongSwan RADIUS attribute-iterator pre-auth...

SUSE CVE-2026-43859

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...

CVE-2026-43862

In mutt before 2.3.2, the imapauthgss security level is mishandled...

PT-2026-36107

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description The SAML IdP implementation in the SSO module uses the AssertionConsumerServiceURL value from incoming SAML AuthnRequest messages as the destination for the SAML response without validating it agains...

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

CVE-2026-35330

Integer Underflow When Handling EAP-SIM/AKA Attributes...

UBUNTU-CVE-2026-35330

Integer Underflow When Handling EAP-SIM/AKA Attributes...

Security update for strongswan

This update for strongswan fixes the following issue: CVE-2026-25075: integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

PT-2026-31988

An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint...

CVE-2026-39312 Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition

SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...

SoftEther VPN 安全漏洞

SoftEther VPN is a free, open-source, cross-platform, and multi-protocol VPN software developed by SoftEther. It provides secure, flexible, and efficient network connections, allowing users to bypass geographical restrictions. SoftEther VPN versions 5.2.5188 and earlier contain security...

EUVD-2026-15426

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this...

CVE-2026-20004

Cisco IOS XE TLS library vulnerability (CVE-2026-2004) could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, causing a reload and DoS. Root cause: improper memory management during TLS setup. Exploitation involves repeated TLS-triggering actions such as EAP at...

Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : strongSwan vulnerability (USN-8117-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8117-1 advisory. Kazuma Matsumoto discovered that strongSwan incorrectly handled EAP-TTLS AVPs when using the eap-ttls plugin. An attacker could possibly use...