SUSE CVE-2026-5107

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgpevpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...

EUVD-2026-17109

A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

CVE-2026-5124

A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The...

CVE-2026-5122 osrg GoBGP BGP OPEN Message bgp.go DecodeFromBytes access control

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen results in improper access controls. The attack may be...

CVE-2026-5122

The CVE affects osrg GoBGP ≤ 4.3.0, specifically the BGP OPEN Message Handler in pkg/packet/bgp/bgp.go DecodeFromBytes. Manipulating the domainNameLen argument results in improper access controls, potentially enabling remote exploitation. The attack is described with a high complexity requirement...

Study of Post Quantum Status of Widely Used Protocols

The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...

GoBGP 访问控制错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a access control vulnerability, which was caused by incorrect handling of the parameter domainNameLen in the file pkg/packet/bgp/bgp.go. This vulnerability could...

GoBGP 安全漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of osrg GoBGP prior to 4.3.0 contain security vulnerabilities. These vulnerabilities stem from incorrect handling of the parameter data1 in the file pkg/packet/bgp/bgp.go, which may lead to a...

GHSA-4P9M-8GC4-RW2H GoBGP vulnerable to a denial of service via the NEXT_HOP path attribute

An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXTHOP path attribute...

GoBGP 安全漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version GoBGP 4.2.0 contains a security vulnerability, which stems from improper handling of the NEXTHOP path attribute. This vulnerability could allow remote attackers to launch a denial-of-service attac...

DHS Ousts CBP Privacy Officers Who Questioned ‘Illegal’ Orders

Department of Homeland Security leaders removed top privacy officers who objected to mislabeling government records to block their public release, WIRED has learned...

When your DDoS mitigation provider goes down: Why traffic control can’t be outsourced

Since the headline-grabbing outages of 2021, we’ve had recurring conversations with large enterprises asking some version of the same question. Do we really want our CDN, security, and routing control to live in the same place? This issue of control has become more urgent after a series of...

CBP Used Online Ad Data to Track Phone Locations

Plus: Proton helped the FBI identify a protester, the Leakbase cybercrime forum was busted in an international operation, and more...

The Controversies Finally Caught Up to Kristi Noem

Donald Trump said he would replace the secretary of the Department of Homeland Security. Noem’s tenure was marked by aggressive anti-immigration tactics and ICE and CBP’s killing of two US protesters...

Institutional DeFi: Building Secure Bridges Between Decentralized Protocols and Corporate Treasury

Institutional DeFi helps corporations improve treasury liquidity, speed cross-border settlements, and manage capital using secure permissioned blockchain protocols...

Bird-lg-go 安全漏洞

Bird-lg-go is a BGP routing query tool developed by Yuhui Xu. Previous versions of bird-lg-go, including 6187a4e, contained security vulnerabilities. These vulnerabilities stemmed from the traceroute module’s use of shlex.Split to parse user input without proper validation. This could allow remot...

SUSE CVE-2026-23161

In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem swap freeing is not handling the order of swap entries correctly. It uses xacmpxchgirq to erase the swap entry, but it gets the entry order before tha...

CVE-2026-23161

In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem swap freeing is not handling the order of swap entries correctly. It uses xacmpxchgirq to erase the swap entry, but it gets the entry order before tha...