CVE-2026-42440 Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader
OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...
CVE-2026-42440
OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...
EUVD-2026-26969
Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5...
CVE-2026-6499
Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5...
CVE-2025-70067
CVE-2025-70067 is a buffer overflow in the Assimp library (FBX Importer), caused by copying a crafted FBX property key string into a fixed-size heap buffer via strcpy() in aiMaterial::AddBinaryProperty. Public reports identify affected versions as up to 6.0.2, with remediation to update to a newe...
PT-2026-36807
Name of the Vulnerable Software and Affected Versions: OpenConcerto version 1.7.5. Description: Incorrect permission assignment for a critical resource allows the replacement of binaries. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
ILM Informatique OpenConcerto Security Vulnerability
ILM Informatique OpenConcerto is a business management software suite developed by the French company ILM Informatique. Version 1.7.5 of ILM Informatique OpenConcerto contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading...
EUVD-2025-209616
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...
CVE-2025-70067
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...
Astra Linux – Vulnerability in glibc
The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. This flaw was introduced in glibc 2.15, when the cache was added to nscd. This vulnerability only exists in the nscd binary...
Astra Linux – Vulnerability in binutils
Heap buffer overflow vulnerability in binutils' readelf before version 2.40, caused by the display_debug_section function in the readelf.c file...
Astra Linux – Vulnerability in libxstream-java
XStream is a simple library for serializing objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service—only by manipulating the processed input stream when XStream is configured to use th...
Astra Linux – Vulnerability in golang-1.19, golang-1.23
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
Astra Linux – Vulnerability in rustc
In the standard library of Rust before version 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements within sift_up or sift_down_range causes a panic. This bug results in a drop of zeroed memory of an arbitrary type, which c...
Astra Linux – Vulnerability in binutils
There is a heap-based buffer overflow issue in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. A crafted input can cause segmentation faults, leading to denial-of-service attacks, as demonstrated by c++filt...
Astra Linux – Vulnerability in binutils
An issue was discovered in the Binary File Descriptor (BFD) library (also known as libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c, due to elf_object_p in elfcode.h mishandling an e_shstrndx section of type SHT_GROUP by omitting a trailing \0...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 — Copy Fail Linux kernel local privilege esc...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
Copy Fail CVE-2026-31431 – Exploit Usage Guide ⚠️ Discla...