CVE-2026-9529

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

CVE-2026-46385

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is 64-bit on amd64 ...

SUSE CVE-2026-9529

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

CVE-2026-9529

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

CVE-2026-9529

Technical details about CVE-2026-9529 (affected software, vulnerable component, impact, fixes) are not publicly provided in the supplied documents. Monitor for updates from official advisories.

CVE-2026-9529 GNU LibreDWG Dwggrep Utility dwggrep.c match_BLOCK_HEADER null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

EUVD-2026-31788

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

CVE-2026-9529

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

CVE-2026-9529 GNU LibreDWG Dwggrep Utility dwggrep.c match_BLOCK_HEADER null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

PT-2026-43186

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match BLOCK HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

GNU LibreDWG 代码问题漏洞

GNU LibreDWG is a C-language library from the GNU community in the United States that is used for processing DWG files. Versions of GNU LibreDWG prior to 0.14 contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the matchBLOCKHEADER function in the dwggrep.c fil...

nimiq-primitives: BlockInclusionProof interlink issue when hops are empty

Impact A logic flaw in BlockInclusionProof::isblockproven causes the function to return true without performing any cryptographic verification when getinterlinkhops yields an empty hop list. This occurs when the target block is at the election block position immediately preceding the election...

Allocation of Resources Without Limits or Throttling

Overview next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling involving Partial Prerendering in the Cache Components feature. An attacker can exhaust the connection pool by sending malicious POST requests that cause a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Returns an error if the block header exceeds the size of the remaining data in the file. If the block header is longer than the amount of data remaining in the file, csdsppowerup will return an error. The previou...

CVE-2026-31617

The CVE affects the Linux kernel USB Network Control Model (NCM) gadget driver (usb: gadget: f_ncm). A missing lower bound on block_len checks for NTB headers allows an underflow in ndp_index and datagram offset calculations when block_len ndp_size or dpe_size. This can let a malicious USB host c...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42238)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42238 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Return error if block...

kernel: firmware: cs_dsp: Return error if block header overflows file

A denial of service vulnerability was found in the Linux kernel. No error was returned from the csdsppowerup function if a block header is longer than the amount of data left in the file...

Bitcoin Core 安全漏洞

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in versions of Bitcoin Core prior to 24.0.1 that stems from a failure to verify that the provided chain has sufficient workload, allowing an attacker to cause a deni...

kernel: firmware: cs_dsp: Return error if block header overflows file

A denial of service vulnerability was found in the Linux kernel. No error was returned from the csdsppowerup function if a block header is longer than the amount of data left in the file...

kernel: firmware: cs_dsp: Return error if block header overflows file

A denial of service vulnerability was found in the Linux kernel. No error was returned from the csdsppowerup function if a block header is longer than the amount of data left in the file...