5778 matches found

Cvelist
added 2026/04/30 5:36 a.m., 24 views

CVE-2026-6532 Buffer Over-read in Wireshark

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5 CVSS, 0.00007 EPSS
Exploits: 1, References: 3
Redos
added 2026/04/30 12:0 a.m., 4 views

ROS-20260430-73-0002

Vulnerability in valkey related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5 CVSS, 5.4 AI score, 0.0002 EPSS
Exploits: 0
OSV
added 2026/04/29 1:21 p.m., 4 views

JLSEC-2026-300

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...

8.8 CVSS, 8.5 AI score, 0.00479 EPSS
Exploits: 0, References: 2
OSV
added 2026/04/29 6:53 a.m., 3 views

CLSA-2026-1777444043 ruby: Fix of 2 CVEs

CVE-2021-28965: fix REXML XML round-trip vulnerability - CVE-2022-28739: fix buffer over-read in String-to-Float conversion...

7.5 CVSS, 7.2 AI score, 0.00576 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/04/28 4:43 p.m., 25 views

CVE-2026-6238 Buffer overread in ns_printrrf with corrupted RDATA field

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...

0.00016 EPSS
Exploits: 0, References: 2
CVE
added 2026/04/28 4:43 p.m., 16 views

CVE-2026-6238

GLIBC: The deprecated debugging functions ns_printrrf, ns_printrr and fp_nquery in GNU C Library (glibc) 2.2 and newer fail to validate RDATA against its length for DNS LOC, CERT, TKEY or TSIG records. This may let an attacker craft a DNS response that crashes a target application or reads uninit...

6.5 CVSS, 5.5 AI score, 0.00016 EPSS
Exploits: 0, References: 2, Affected Software: 1
RedhatCVE
added 2026/04/27 7:23 p.m., 1 view

CVE-2026-41503

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...

8.7 CVSS, 5.6 AI score, 0.00366 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2026/04/27 7:23 p.m., 1 view

CVE-2026-41475

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending a truncated W...

9.1 CVSS, 5.6 AI score, 0.00392 EPSS
Exploits: 1, References: 1
OSV
added 2026/04/27 6:33 p.m., 2 views

JLSEC-2026-238 Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a...

Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The...

5.9 CVSS, 6.7 AI score, 0.00097 EPSS
Exploits: 0, References: 7
OSV
added 2026/04/27 2:3 p.m., 2 views

JLSEC-2026-209

Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c...

7.5 CVSS, 7.6 AI score, 0.00506 EPSS
Exploits: 1, References: 14
OSV
added 2026/04/27 2:3 p.m., 5 views

JLSEC-2026-206

Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c...

7.5 CVSS, 5.6 AI score, 0.00538 EPSS
Exploits: 1, References: 14
OSV
added 2026/04/27 2:3 p.m., 4 views

JLSEC-2026-207

Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmapreg.c and adaptmap.c...

7.5 CVSS, 5.6 AI score, 0.04251 EPSS
Exploits: 1, References: 14
Tenable Nessus
added 2026/04/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed...

9.1 CVSS, 5.9 AI score, 0.00061 EPSS
Exploits: 0, References: 3
OSV
added 2026/04/25 5:49 a.m., 1 view

OESA-2026-2068 libgphoto2 security update

is the core of gphoto2 software. It is a portable library which gives access to literally hundreds of digital cameras. Security Fixes: libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in the ptpunpackCanonFE function in...

6.1 CVSS, 5.7 AI score, 0.0001 EPSS
Exploits: 0, References: 7
OSV
added 2026/04/25 5:49 a.m., 2 views

OESA-2026-2067 libgphoto2 security update

is the core of gphoto2 software. It is a portable library which gives access to literally hundreds of digital cameras. Security Fixes: libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in the ptpunpackCanonFE function in...

6.1 CVSS, 5.7 AI score, 0.0001 EPSS
Exploits: 0, References: 7
SUSE CVE
added 2026/04/25 1:37 a.m., 2 views

SUSE CVE-2026-31631

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

8.2 CVSS, 5.7 AI score, 0.00054 EPSS
Exploits: 0, References: 3
CNNVD
added 2026/04/25 12:0 a.m., 5 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the brndsend function in the bridge layer. This function assumes that option values are linear,...

9.1 CVSS, 5.8 AI score, 0.00086 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2026/04/24 8:55 p.m., 1 view

CVE-2026-31631

A flaw was found in the Linux kernel, specifically within its rxrpc communication protocol. This vulnerability is a buffer overread, meaning the system attempts to read data beyond the allocated memory buffer in the rxgkdoverifyauthenticator function. This could potentially allow an attacker to...

8.2 CVSS, 5.7 AI score, 0.00054 EPSS
Exploits: 0, References: 4
NVD
added 2026/04/24 8:16 p.m., 3 views

CVE-2026-41502

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...

8.7 CVSS, 0.00366 EPSS
Exploits: 1, References: 1
NVD
added 2026/04/24 8:16 p.m., 1 view

CVE-2026-41503

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...

8.7 CVSS, 0.00366 EPSS
Exploits: 1, References: 1