CVE-2026-45615 mouse07410/asn1c: 1-byte Heap Out-of-Bounds Read in `INTEGER_decode_oer` via Malformed OER Payload

mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c specifically INTEGERoer.c. When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, th...

Out-of-bounds writes due to integer overflow in jxl-grid on 32-bit platforms

On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. This could allow arbitrary code execution. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use...

EUVD-2026-33264

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

CVE-2026-49197 Predator Connect W6x: Improper Authentication

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

CVE-2026-49197

The CVE affects web endpoints used by the Acer Connect app, where the Authorization header is not properly validated. The underlying issue is improper handling of Base64 decoding failures, allowing requests that should be blocked. CVSS indicates a CRITICAL impact with high consequences for confid...

RockyLinux 8 : libexif (RLSA-2026:20929)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20929 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...

PT-2026-44847

mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c specifically INTEGER oer.c. When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, t...

Acer Predator Connect W6x 安全漏洞

The Acer Predator Connect W6x is a series of high-performance Wi-Fi 6/6E gaming routers produced by Acer of Taiwan, China. The Acer Predator Connect W6x has a security vulnerability. This vulnerability arises from the improper validation of the HTTP Authorization header by the Web endpoint of the...

SUSE SLES15 Security Update : php7 (SUSE-SU-2026:2091-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2091-1 advisory. This update for php7 fixes the following issues - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code...

RHEL 8 : kernel (RHSA-2026:21706)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21706 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go. This vulnerability arises when accessing pixels in an invalid image using palette index values that...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained a buffer error vulnerability. This vulnerability stemmed from the plane bitmap decoder’s inability to prevent out-of-bounds write-ups during RLE plane data decoding...

PT-2026-44767

Name of the Vulnerable Software and Affected Versions Acer Connect affected versions not specified Description Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header. The system fails to block requests when the Base64 decoding process fails, allowing...

DEBIAN-CVE-2026-49130

Music Player Daemon MPD before version 0.24.11 contains a CRLF injection vulnerability in the xspfchardata function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...

CVE-2026-46130

A flaw was found in the Linux kernel's device-mapper verity forward error correction dm-verity-fec component. This vulnerability occurs because a function responsible for decoding parity data makes an incorrect assumption about how these data blocks are read. Under specific, non-default...

CVE-2026-49130 Music Player Daemon < 0.24.11 CRLF Injection via XspfPlaylistPlugin.cxx

Music Player Daemon MPD before version 0.24.11 contains a CRLF injection vulnerability in the xspfchardata function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...

EUVD-2026-33006

Music Player Daemon MPD before version 0.24.11 contains a CRLF injection vulnerability in the xspfchardata function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...

GHSA-59F3-VP2F-MP9W Symfony's Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC — Unauthenticated Webhook Event Injection

Description The Mailtrap mailer bridge ships a webhook request parser used to authenticate and decode the event callbacks Mailtrap POSTs to an application's webhook endpoint. Its doParseRequest $request, \SensitiveParameter string $secret method receives the configured webhook secret but never...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Base64URL decoding process. An attacker can cause excessive CPU and memory consumption by supplying an arbitrarily large payload segment when verifying detached JWS tokens wit...

PYSEC-0000-CVE-2026-48525

PyJWT is a JSON Web Token implementation in Python. From 2.8.0 to 2.12.1, when verifying detached JWS tokens using the unencoded-payload option "b64": false, RFC 7797, PyJWT performs Base64URL decoding of the compact-serialization payload segment before enforcing the detached-payload rules. For...