Astra Linux – Vulnerability in Mariadb 10.3

MariaDB Server before version 10.7 is vulnerable to Denial of Service attacks. In the file extra/mariabackup/dscompress.cc, when an error occurs i.e., transitioning to the err label during the execution of the createworkerthreads method, the held lock thd-ctrlmutex is not released properly. This...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: compress: fixed to avoid a use-after-free condition on dic. Call trace: memcpy+0x128/0x250 f2fsreadmultipages+0x940/0xf7c f2fsmpagereadpages+0x5a8/0x624 f2fsreadahead+0x5c/0x110 pagecacheraunbounded+0x1b8/0x590...

ROOT-APP-MAVEN-CVE-2024-25710 CVE-2024-25710 in io.root.org.apache.commons:commons-compress - Patched by Root

Root has patched CVE-2024-25710 in the io.root.org.apache.commons:commons-compress package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-26308 CVE-2024-26308 in io.root.org.apache.commons:commons-compress - Patched by Root

Root has patched CVE-2024-26308 in the io.root.org.apache.commons:commons-compress package for Root:Maven. Multiple fixed versions available...

Exploit for CVE-2026-48962

Summary An eval injection vulnerability in File::GlobMappe...

📄 IO-Compress 2.219 Eval Injection

An eval injection vulnerability in File::GlobMapper::getFiles allows any attacker who can control the output fileglob argument passed to IO::Compress::Gzip::gzip, IO::Compress::Zip::zip, or any sibling function to execute arbitrary Perl code in the context of the running process. Summary An eval...

OPENSUSE-SU-2026:10969-1 perl-IO-Compress-2.220.0-2.1 on GA media

These are all security issues fixed in the perl-IO-Compress-2.220.0-2.1 package on the GA media of openSUSE Tumbleweed...

TencentOS Server 4: perl-IO-Compress (TSSA-2026:0426)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0426 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2026-48961

A flaw was found in the zipdetails command-line interface CLI tool, bundled with IO::Compress for Perl. When processing a specially crafted Info-ZIP Unix Extra Field with an 8-byte User ID UID or Group ID GID, the zipdetails tool attempts to call an undefined subroutine. This can lead to the tool...

perl-IO-Compress-2.220.0-1.1 on GA media (moderate)

perl-IO-Compress-2.220.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10939-1 Rating: moderate Cross-References: CVE-2026-48962 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

CVE-2026-10221

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

PT-2026-45971

These are all security issues fixed in the perl-IO-Compress-2.220.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10939-1 perl-IO-Compress-2.220.0-1.1 on GA media

These are all security issues fixed in the perl-IO-Compress-2.220.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-10221

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

CVE-2026-10221 NousResearch hermes-agent run_agent.py _compress_context injection

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

CVE-2026-10221 NousResearch hermes-agent run_agent.py _compress_context injection

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

EUVD-2026-33554

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

CVE-2026-10221

CVE-2026-10221 affects NousResearch Hermes-agent up to version 0.12.0. The vulnerability is in the _compress_context function of run_agent.py, where input manipulation leads to injection. It can be triggered remotely over the network, and a public exploit is available. The vendor was contacted bu...

PT-2026-45253

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compress context of the file run agent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 0.12.0 contain security vulnerabilities. These vulnerabilities stem from issues with the compresscontext function in the runagent.py file, which may lead to injectio...