Astra Linux – Vulnerability in zziplib

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service through the zzipFetchDiskTrailer function located in the /zzip/zip.c file...

Astra Linux – Vulnerability in OpenVSwitch

It has been discovered that openvswitch 2.17.8 contains a memory leak due to the xmalloc function in openvswitch-2.17.8/lib/util.c...

PT-2026-48158

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A segmentation violation occurs in the gf hevc read sps bs internal function within the media tools/av parsers.c file. This issue allows attackers to cause a Denial of Service DoS by providing specially...

PT-2026-47240

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...

EUVD-2026-31740

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

ROS-20260403-73-0031

A vulnerability in the mips/kernel/process.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...

CVE-2026-4745

CVE-2026-4745 is an Arbitrary Code Execution in dendibakh perf-ninja (labs/misc/pgo/lua modules) linked to the vulnerable program file ldo.C. The issue arises from improper generation of code (Code Injection) in perf-ninja, affecting the Lua-related components. The CVSS 4.0 base score is 10.0 (CR...

CVE-2026-4737

CVE-2026-4737 is a Use-After-Free in No-Chicken Echo-Mate affecting the SDK/rv1106-sdk/sysdrv/source/kernel/mm modules, specifically in rmap.C. Affected: Echo-Mate prior to version V250329. Root cause: memory management issue in the mm components. CVSS metrics indicate LOCAL attack vector, HIGH i...

CVE-2026-4731 An Integer Overflow Vulnerability in artraweditor/ART

Integer Overflow or Wraparound vulnerability in artraweditor ART ‎rtengine‎ modules. This vulnerability is associated with program files dcraw.C. This issue affects ART: before 1.25.12...

PT-2026-27326

Out-of-bounds Write vulnerability in timeplus-io proton base/poco/Foundation/src‎ modules. This vulnerability is associated with program files inflate.C. This issue affects proton: before 1.6.16...

CVE-2026-3644

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...

Stack-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVE-2025-12345

A security vulnerability has been detected in LLM-Claw 0.1.0/0.1.1/0.1.1a/0.1.1a-p1. The affected element is the function agentdeployinit of the file /agents/deploy/initiate.c of the component Agent Deployment. Such manipulation leads to buffer overflow. It is possible to launch the attack...

CVE-2026-25638

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in coders/msl.c. In the WriteMSLImage function of the msl.c file, resources are allocated. But the function returns early without releasing...

CVE-2025-15570

A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzmadecompressbuf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the...

CVE-2026-24803

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in coolsnowwolf lede package/lean/mt/drivers/mt7615d/src/mtwifi/embedded/security modules. This vulnerability is associated with program files bnlib.C. This issue affects lede: through r25.10.1...

CVE-2026-24817

Out-of-bounds Write vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05...

CVE-2026-24818

Out-of-bounds Read vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05...

AZL-75354 CVE-2026-24811 affecting package fltk 1.3.5-4

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...