SUSE CVE-2026-45889

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...

EUVD-2026-32355

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...

CVE-2026-45889

mptcp: do not account for OoO in mptcprcvbufgrow...

CVE-2026-47077

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...

Russh: Unchecked CryptoVec allocation and growth handling is reachable

Title Unchecked CryptoVec allocation and growth handling was reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases Summary CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths...

RUSTSEC-2026-0153 Unchecked `CryptoVec` allocation and growth handling

CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation and locking paths. In affected russh releases, attacker-controlled input could reach these code paths through buffer resizing operations. Two affected reachability paths were identified: Current russh...

CVE-2026-8468 Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':readpartheaders/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...

EUVD-2026-30133

Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboyreq:readpart/3 in src/cowboyreq.erl accumulates incoming request bytes into a Buffer binary with no upper-bound chec...

CVE-2026-8466 Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy

Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboyreq:readpart/3 in src/cowboyreq.erl accumulates incoming request bytes into a Buffer binary with no upper-bound chec...

CVE-2026-8466

CVE-2026-8466 affects the Cowboy web server (ninenines) prior to 2.15.0. The issue is an unbounded memory growth vulnerability in multipart header parsing: cowboy_req:read_part/3 accumulates request bytes into a Buffer without an upper-bound check, and when cow_multipart:parse_headers/2 returns m...

Oracle Linux 9 : freerdp (ELSA-2026-16482)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16482 advisory. - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in...

Oracle Linux 8 : freerdp (ELSA-2026-16019)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16019 advisory. - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159850 - Fix double free in xfrailwindowcommon cleanup CVE-2026-2698...

freerdp security update

2:2.11.7-1.7 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP array bounds...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unbound UART receive buffer in the NFC pn533 driver, resulting in malicious malformed UART traffic that c...

CVE-2026-33594

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...

CLSA-2026-1776440644 expat: Fix of 4 CVEs

CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...

Orthanc 安全漏洞

Orthanc is a free open-source software developed by the Orthanc company. Orthanc has a security vulnerability, which stems from a memory exhaustion issue when processing ZIP archives. This issue may lead to the server allocating excessive buffer space during extraction processes...

PDFME Affected by Decompression Bomb in FlateDecode Stream Parsing Causes Memory Exhaustion DoS

Summary The DecodeStream.ensureBuffer method in @pdfme/pdf-lib doubles its internal buffer without any upper bound on the decompressed size. A crafted PDF containing a FlateDecode stream with a high compression ratio decompression bomb causes unbounded memory allocation during stream decoding,...

MiracleLinux 8 : redis:6 (AXSA:2025-9955:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9955:01 advisory. redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client CVE-2025-21605 Tenable has extracted the preceding...

OESA-2025-2839 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...