kernel: crypto: algif_aead - Fix minimum RX size check for decryption

A flaw was found in the Linux kernel, specifically within the algifaead module. The vulnerability involves an incorrect check for the minimum receive buffer size during decryption, which did not properly account for the tag size. This could potentially lead to issues with data integrity or...

EUVD-2026-27093

n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supp...

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

RHEL 9 : .NET 9.0 (RHSA-2026:13282)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13282 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QEMU virtual crypto device during handling of data encryption/decryption requests in virtiocryptohandlesymreq. There is no check for the values of srclen and dstlen in virtiocryptosymophelper, which may lead to a heap buffer overflow if these values differ...

Astra Linux – Vulnerability in Nettle

A flaw was discovered in the way Nettle’s RSA decryption functions handled specially crafted ciphertext. An attacker could exploit this flaw to deliver manipulated ciphertext, resulting in application crashes and denial of service...

Astra Linux – Vulnerability in OpenSSL

To decrypt SM2 encrypted data, an application is expected to call the API function EVPPKEYdecrypt. Typically, an application will call this function twice. The first time, upon entry, the “out” parameter can be NULL, and upon exit, the “outlen” parameter contains the buffer size required to hold...

Astra Linux – Vulnerability in python-rsa

In Python-RSA before version 4.1, leading '\0' bytes are ignored during the decryption of ciphertext. This could potentially have security-related implications, such as allowing an attacker to infer that an application uses Python-RSA. Alternatively, the length of the accepted ciphertext may affe...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tls: Purged asynchold from tlsdecryptasyncwait The asynchold queue retains encrypted input data while the AEAD engine references their scatterlist data. Once tlsdecryptwait returns, all AEAD operations are completed, and the engi...

Astra Linux – Vulnerability in Node.js

Node.js versions that bundle a unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL that is also unpatched are vulnerable to the Marvin attack – https://people.redhat.com/hkario/marvin/. This vulnerability occurs when performing RSA decryption using a private key,...

crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption

...

Linux Distros Unpatched Vulnerability : CVE-2026-43033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place src != dst, there is no need to save...

SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2026:1637-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1637-1 advisory. - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329:...