Incorrect Comparison

Overview github.com/jackc/pgx/v5/pgproto3 is a low-level PostgreSQL database driver Affected versions of this package are vulnerable to Incorrect Comparison in the FunctionCall.Decode function. An attacker can cause a crash on 64-bit machine by sending a null argument in a FunctionCall response...

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

PT-2026-30919

Name of the Vulnerable Software and Affected Versions Electron versions prior to 39.8.5, prior to 40.8.5, prior to 41.1.0, and prior to 42.0.0-alpha.5 Description Applications utilizing the clipboard.readImage function may experience a denial of service. If the system clipboard contains image dat...

GHSA-7HMV-4J2J-PP6F PocketMine-MP: Network amplification vulnerability with `ActorEventPacket`

Impact The server handles ActorEventPacket to trigger consuming animations from vanilla clients when they eat food or drink potions. This can be abused to make the server spam other clients, and to waste server CPU and memory. For every ActorEventPacket sent by the client, an animation event will...

CVE-2026-0049

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2026-34588

OpenEXR contains a local overflow in internal_exr_undo_piz() where nx, ny, and wcount are int, allowing an overflow and wrap that causes out-of-bounds reads/writes during wavelet decoding. This affects 3.1.0–3.2.6, 3.3.0–3.3.8, and 3.4.0–3.4.8 (per CVE-2026-34588) and is fixed in 3.2.7, 3.3.9, an...

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

PT-2026-30662

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.1.0 through 3.2.6, versions prior to 3.3.9, and versions prior to 3.4.9 Description OpenEXR, an image storage format used in the motion picture industry, contains a flaw in the internal exr undo piz function. Specifically, t...

AlmaLinux 8 : freerdp (ALSA-2026:6005)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6005 advisory. freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path CVE-2026-26965 freerdp: FreeRDP: Arbitrary code executio...

SUSE CVE-2026-23456

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

CVE-2026-23455

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

EUVD-2026-18711

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to...

EUVD-2026-18712

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

CVE-2026-23455

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to...

CVE-2026-23456

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

CVE-2026-23456 netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

CVE-2026-23456

In the Linux kernel, CVE-2026-23456 concerns nf_conntrack_h323: decode_int() in CONS reads the length with get_bits() and then calls get_uint() without ensuring enough bytes remain, causing a 1–4 byte slab-out-of-bounds read. A boundary check for len after get_bits() and before get_uint() has bee...

CVE-2026-23456

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...