Manual Processes Are Putting National Security at Risk

Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and governme...

GHSA-V7M3-FPCR-H7M2 Zumba Json Serializer has a potential PHP Object Injection via Unrestricted @type in unserialize()

Description The zumba/json-serializer library allows deserialization of PHP objects from JSON using a special @type field. Prior to version 3.2.3, the deserializer would instantiate any class specified in the @type field without restriction. When processing untrusted JSON input, this behavior may...

CVE-2026-27114 NanaZip has ROMFS Archive Infinite Loop

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

CVE-2026-27014 NanZip has ROMFS Archive Infinite Loop / Stack Overflow

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

PT-2026-20940

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

SUSE-SU-2026:20443-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. - CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

Arbitrary Code Execution

Langroid is vulnerable to Arbitrary Code Execution. The vulnerability is due to literalok returning False instead of raising an error along with unrestricted access to dangerous dunder attributes, which allows an attacker to chain DataFrame methods to expose the eval builtin and execute arbitrary...

SUSE CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

UBUNTU-CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

CVE-2026-0398

PowerDNS Recursor is affected by CVE-2026-0398. The issue involves crafted DNS zones that can cause increased resource usage and crafted CNAME chains that can lead to cache poisoning in the Recursor. The available documents do not specify affected versions, exact root cause in code paths, or offi...

CVE-2026-0398 Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

CVE-2026-0398 Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

PowerDNS Recursor（pdns_recursor） 安全漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. PowerDNS Recursor has security vulnerabilities; these vulnerabilities stem from custom zones, which may lead to increased resource usage, and custom CNAME chains, which may cause cache...

Amazon Linux 2023 : python3-urllib3 (ALAS2023-2026-1418)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1418 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server...