4739 matches found

OSV, added 2026/05/04 7:44 p.m.

GHSA-67WX-R9XR-X75X Incus has Unbounded YAML Metadata Decode via Parsing

Summary: User-provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for an authenticated user to provide a crafted image or backup tarball that when parsed by Incus would lead to a very large YAML document being loaded int...

CVSS 5.3 · AI score 5.7 · EPSS 0.00055
Exploits 1 · References 4
IBM Security Bulletins, added 2026/05/04 12:29 p.m.

Security Bulletin: pyasn1 Uncontrolled Recursion in ASN.1 Decoding Enables Denial of Service

Summary: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested...

CVSS 7.5 · AI score 6.8 · EPSS 0.00027
Exploits 1 · Affected Software 1
NVD, added 2026/05/04 7:16 a.m.

CVE-2026-43861

mutt before 2.3.2 does not check for '\0' in url_pct_decode...

CVSS 3.7 · EPSS 0.00041
Exploits 0 · References 1
EUVD, added 2026/05/04 5:52 a.m.

EUVD-2026-26899

mutt before 2.3.2 does not check for '\0' in url_pct_decode...

CVSS 3.7 · AI score 5.8 · EPSS 0.00041
Exploits 0 · References 1
CVE, added 2026/05/04 5:52 a.m.

CVE-2026-43861

CVE-2026-43861 affects mutt up to version 2.3.1, where the url_pct_decode function does not check for a '\0' terminator. This could allow malformed URLs to bypass validation. The CVSSv3.1 base score is 3.7 (LOW); attack vector: NETWORK, complexity: HIGH, privileges: NONE, user interaction: NONE. ...

CVSS 3.7 · AI score 5.8 · EPSS 0.00041
Exploits 0 · References 1
CVE, added 2026/05/04 12:47 a.m.

CVE-2026-42369

GV-VMS V20 WebCam Server contains a stack overflow in the b64decoder path of the gvapi flow. The decoded base64 string is copied into a 256-byte local buffer without bounds checking, so if the decoded data exceeds 256 characters an attacker can trigger a stack overflow. The product is described a...

CVSS 10 · AI score 6.2 · EPSS 0.00201
Exploits 0 · References 2
CNNVD, added 2026/05/04 12:00 a.m.

GoBGP security vulnerability

GoBGP is an open-source implementation of the Border Gateway Protocol (BGP) developed by osrg. Versions of GoBGP prior to 4.3.0 contained security vulnerabilities. These vulnerabilities stemmed from a function in the SRv6 L3 Service component called pkg/packet/bgp/prefixsid.go. The function...

CVSS 7.5 · AI score 6.1 · EPSS 0.00136
Exploits 0 · References 1
Positive Technologies, added 2026/05/04 12:00 a.m.

PT-2026-37138

Name of the Vulnerable Software and Affected Versions: Incus versions prior to 7.0.0. Description: Incus is a system container and virtual machine manager. An authenticated user can provide a specially crafted image or backup tarball containing a very large YAML document. Because the software unpack...

CVSS 5.3 · AI score 5.8 · EPSS 0.00055
Exploits 1 · References 5
Positive Technologies, added 2026/05/04 12:00 a.m.

PT-2026-36774

Name of the Vulnerable Software and Affected Versions: mutt versions prior to 2.3.2. Description: The software fails to check for the null character '\0' within the url_pct_decode function. Recommendations: Update to version 2.3.2 or later...

CVSS 3.7 · AI score 5.8 · EPSS 0.00048
Exploits 0 · References 7
Positive Technologies, added 2026/05/04 12:00 a.m.

PT-2026-37200

Name of the Vulnerable Software and Affected Versions: Pillow versions 10.3.0 through 12.1.x. Description: Processing a malicious PSD file can lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This occurs because bounds checks for tile extents in PSD image...

CVSS 8.6 · AI score 6.2 · EPSS 0.0002
Exploits 0 · References 27
OSV, added 2026/05/03 9:56 a.m.

OESA-2026-2166 opencryptoki security update

openCryptoki is an implementation of the PKCS #11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

CVSS 6.8 · AI score 6 · EPSS 0.00019
Exploits 1 · References 2
OSV, added 2026/05/03 9:56 a.m.

OESA-2026-2165 opencryptoki security update

openCryptoki is an implementation of the PKCS #11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

CVSS 6.8 · AI score 6 · EPSS 0.00019
Exploits 1 · References 2
Cvelist, added 2026/05/02 8:27 a.m.

CVE-2026-5324 Brizy – Page Builder <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting via FileUpload Field Value

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11. This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

CVSS 7.2 · EPSS 0.00174
Exploits 0 · References 8
OSV, added 2026/05/02 1:02 a.m.

CLSA-2026-1777541147 squid34: Fix of 12 CVEs

- CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing
- CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions
- CVE-2018-19131: escape certificate field injection via %D in ERR_SECURE_CONNECT_FAIL page
- CVE-2018-19132: fix memory...

CVSS 9.8 · AI score 6.7 · EPSS 0.65998
Exploits 2 · References 1
CloudLinux, added 2026/05/02 12:59 a.m.

mysql: Fix of CVE-2018-2755

CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...

CVSS 7.7 · AI score 6.8 · EPSS 0.00133
Exploits 0
OSV, added 2026/05/02 12:59 a.m.

CLSA-2026-1777683582 mysql: Fix of CVE-2018-2755

CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...

CVSS 7.7 · AI score 6.6 · EPSS 0.00133
Exploits 0 · References 1
Packet Storm News, added 2026/05/02 12:00 a.m.

Tracing the Dynamics of Refusal: Exploiting Latent Refusal Trajectories for Robust Jailbreak Detection

Representation Engineering typically relies on static refusal vectors derived from terminal representations. We move beyond this paradigm, demonstrating that refusal is a dynamic and sparse process rather than a localized outcome. Using Causal Tracing, we uncover the Refusal Trajectory, a persiste...

AI score 5.8
Exploits 0
ATTACKERKB, added 2026/05/01 12:00 a.m.

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame, allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames...

CVSS 9.8 · AI score 6.3 · EPSS 0.0036
Exploits 0 · References 3
OSV, added 2026/04/30 12:35 p.m.

CLSA-2026-1777552532 Fix CVE(s): CVE-2025-64720, CVE-2025-65018

No-source-change rebuild against libpng = 1.6.37-2+tuxcare.els2 to pick up the libpng security fixes for:
- CVE-2025-64720: png_image_read_composite OOB read on palette images with PNG_FLAG_OPTIMIZE_ALPHA (libpng 1.6.51).
- CVE-2025-65018: png_image_finish_read heap buffer overflow on 16-bit interlaced PNGs...

CVSS 7.1 · AI score 6.6 · EPSS 0.00079
Exploits 5 · References 1
OSV, added 2026/04/30 8:47 a.m.

CLSA-2026-1777538840 mysql: Fix of CVE-2018-2755

CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...

CVSS 7.7 · AI score 6.6 · EPSS 0.00133
Exploits 0 · References 1