CVE-2026-6659 Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts

Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography...

PT-2026-39185

Name of the Vulnerable Software and Affected Versions Crypt::PasswdMD5 versions prior to 1.43 Description The software generates insecure random values for salts because the built-in rand function is predictable and unsuitable for cryptographic purposes. Recommendations Update to a version later...

Crypt::PasswdMD5 安全特征问题漏洞

Crypt::PasswdMD5 is a Perl module developed by RSAVAGE’s individual developers, which implements MD5-based password hashing calculations. Versions of Crypt::PasswdMD5 prior to 1.42 contained security vulnerabilities due to the use of a predictable built-in rand function to generate insecure rando...

Linux Distros Unpatched Vulnerability : CVE-2026-6659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for...

CVE-2026-43863

A flaw was found in mutt, an email client. A remote attacker could exploit this vulnerability by sending specially crafted input, which would trigger an infinite loop in the dataobjecttostream function. This issue, located in the crypt-gpgme.c component, can lead to a Denial of Service DoS, causi...

SUSE CVE-2026-43863

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

CVE-2026-43863

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

CVE-2026-43863

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

EUVD-2026-26902

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

CVE-2026-43863

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

CVE-2026-43863

CVE-2026-43863 affects mutt prior to 2.3.2, where an infinite loop in data_object_to_stream (crypt-gpgme.c) is reported. The CVSS 3.1 vector indicates low availability impact. No remediation or specific fix details are provided in the connected documents. Affected version range inferred: mutt

CVE-2026-43863

mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...

PT-2026-36776

Name of the Vulnerable Software and Affected Versions mutt versions prior to 2.3.2 Description An infinite loop exists in the data object to stream function within the crypt-gpgme.c file. Recommendations Update to version 2.3.2 or later...

mutt 安全漏洞

Mutt is an open-source command-line email client for sending emails from the terminal. Versions of Mutt prior to 2.3.2 contained a security vulnerability, which stemmed from an infinite loop in dataobjecttostream in crypt-gpgme.c...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: dm-crypt, dm-verity: Disable tasklets Tasklets have an inherent problem with memory corruption. The taskletactioncommon function calls tasklettrylock, then it calls the tasklet callback, and then it calls taskletunlock. If the...

Fedora 43 : perl-CryptX (2026-3e1f671a17)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3e1f671a17 advisory. 0.088 2026-04-23 - Crypt::KeyDerivation - new functions: pbkdf1openssl, bcryptpbkdf, scryptpbkdf, argon2pbkdf - Crypt::Misc - new functions: randomv7uuid,...

OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability

Talos Vulnerability Report TALOS-2026-2381 OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability April 27, 2026 CVE Number CVE-2026-35058 SUMMARY A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...

SUSE CVE-2026-31543

In the Linux kernel, the following vulnerability has been resolved: crashdump: don't log dm-crypt key bytes in readkeyfromuserkeying When debug logging is enabled, readkeyfromuserkeying logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes...

CVE-2026-31543

A flaw was found in the Linux kernel. When debug logging is enabled, the readkeyfromuserkeying function logs the initial 8 bytes of the key payload. This action partially exposes the dm-crypt key, leading to information disclosure...

DEBIAN-CVE-2026-31543

In the Linux kernel, the following vulnerability has been resolved: crashdump: don't log dm-crypt key bytes in readkeyfromuserkeying When debug logging is enabled, readkeyfromuserkeying logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes...