ALPINE-CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

UBUNTU-CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

CVE-2026-2219

CVE-2026-2219 affects dpkg-deb in dpkg, where improper validation of the end of the data stream during uncompression of zstd-compressed .deb archives can lead to a denial-of-service (infinite CPU loop). Public records from OSV and OSV-derived advisories confirm patches exist in multiple distribut...

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

dpkg-deb 安全漏洞

dpkg-deb is a package manager in Linux developed by the Debian community. dpkg-deb has a security vulnerability that stems from improper validation of the end of the data stream when decompressing.deb archives compressed with zstd, which could lead to a denial-of-service attack...

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use of the terminal...

Oracle Linux 9 : delve (ELSA-2026-3842)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-3842 advisory. 1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild without changes. - Resolves: RHEL-153104 Tenable has extracted the...

Oracle Linux 10 : delve (ELSA-2026-3864)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3864 advisory. 1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild with latest Go Tenable has extracted the preceding...

CVE-2026-1605

In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing t...

AZL-79271 CVE-2026-3381 affecting package fltk 1.3.8-1

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

AZL-79242 CVE-2026-3381 affecting package clucene 2.3.3.4-38

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

AZL-79410 CVE-2026-3381 affecting package python-tensorflow-estimator 2.11.0-2

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

delve security update

1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild with latest Go...

delve security update

1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild without changes. - Resolves: RHEL-153104...

Security Bulletin: Vulnerabilities in MongoDB Server might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Zlib which use by MongoDB server. Vulnerability include mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client as described by t...

SUSE CVE-2026-27571

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS...

cpp-httplib 安全漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes HTTP/HTTPS server and client components. Versions of cpp-httplib prior to 0.35.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of payload size restrictions on decompressed request...

BIT-NATS-2026-27571 nats-server websockets are vulnerable to pre-auth memory DoS

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0617-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0617-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...