CVE-2026-27005

Chartbrew prior to version 4.8.3 is vulnerable to unauthenticated SQL injection in queries executed against connected databases (MySQL, PostgreSQL). The root cause is arbitrary SQL being injected via user-supplied input in queries, potentially allowing reading, modification, or deletion of data d...

CVE-2026-27005 Chartbrew: SQL injection in date-type variable handling (applyMysqlOrPostgresVariables)

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.3, an unauthenticated attacker can inject arbitrary SQL into queries executed against databases connected to Chartbrew MySQL, PostgreSQL. This allows...

CVE-2026-27005 Chartbrew: SQL injection in date-type variable handling (applyMysqlOrPostgresVariables)

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.3, an unauthenticated attacker can inject arbitrary SQL into queries executed against databases connected to Chartbrew MySQL, PostgreSQL. This allows...

openSUSE 16 Security Update : libsoup (openSUSE-SU-2026:20142-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20142-1 advisory. - CVE-2025-11021: Fixed out-of-bounds read in Cookie Date Handling of libsoup HTTP Library bsc1250562. - CVE-2026-0719: Fixed stack-based buffer...

OPENSUSE-SU-2026:20142-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-11021: Fixed out-of-bounds read in Cookie Date Handling of libsoup HTTP Library bsc1250562. - CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution bsc1256399. - CVE-2026-0716:...

SUSE-SU-2026:20205-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-11021: Fixed out-of-bounds read in Cookie Date Handling of libsoup HTTP Library bsc1250562. - CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution bsc1256399. - CVE-2026-0716:...

Astra Linux - уязвимость в libsoup3

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

MiracleLinux 9 : libsoup-2.72.0-12.el9_7.1 (AXSA:2025-11437:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11437:16 advisory. libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsou...

CLSA-2025-1764677929 libsoup: Fix of 2 CVEs

CVE-2025-4945: fix integer overflow vulnerability in date/time parsing - CVE-2025-11021: fix out-of-bounds memory read in cookie date handling logic...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libsoup (UTSA-2025-991029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991029 advisory. A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing...

CLSA-2025-1764678192 libsoup: Fix of 2 CVEs

CVE-2025-4945: fix integer overflow vulnerability in date/time parsing - CVE-2025-11021: fix out-of-bounds memory read in cookie date handling logic...

libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

RockyLinux 10 : libsoup3 (RLSA-2025:21032)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21032 advisory. libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HT...

libsoup3 security update

An update is available for libsoup3. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Libsoup is an HTTP library implementation in C. It was originally part of a...

RLSA-2025:20959 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library CVE-2025-11021 For more details about the...

CLSA-2025-1763648370 libsoup: Fix of 2 CVEs

CVE-2025-4945: fix integer overflow vulnerability in date/time parsing - CVE-2025-11021: fix out-of-bounds memory read in cookie date handling logic...

libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

RHEL 8 : libsoup (RHSA-2025:21665)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21665 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer Overflow in Cookie Expiration Da...