EUVD-2026-34061

Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...

CVE-2026-25556 MuPDF 1.23.0 through 1.27.0 Barcode Decoding Double Free

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fzfillpixmapfromdisplaylist when an exception occurs during display list rendering. The function accepts a caller-owned fzpixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

Siemens SCALANCE and RUGGEDCOM Devices Missing Release of Memory after Effective Lifetime (CVE-2024-56572)

media: platform: allegro-dvt: possible memory leak in allocatebuffersinternal. If The buffer in the loop is not released under the exception path, it may lead to a memory leak. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to free urbs in the exception path in the lfxusbenablerx function, which could lead to a memory...

EUVD-2025-29585

Malicious code in bioql PyPI...

CVE-2025-39829 trace/fgraph: Fix the warning caused by missing unregister notifier

In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftracesuspendnotifiercall already registered WARNING: CPU: 2 PID: 86 at kernel/notifier.c:2...

CVE-2025-39829 trace/fgraph: Fix the warning caused by missing unregister notifier

In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftracesuspendnotifiercall already registered WARNING: CPU: 2 PID: 86 at kernel/notifier.c:2...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not deregistering pmnotifier in an exception path, which could lead to duplicate registration warnings...

PT-2025-37974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's trace/fgraph subsystem. A warning occurred during testing on version 6.16 due to a missing unregistration of a notifier callback after a failed start...

CVE-2024-53202

CVE-2024-53202 : In the Linux kernel, a resource leak can occur in the firmware loader path (fw_log_firmware_info) if an alg instance is not released on the exception path. The fix ensures the alg instance is freed with crypto_free_shash when kmalloc fails. Affected area: firmware_loader/kernel, ...

Schneider Electric U.motion Builder Information Disclosure Vulnerability (CNVD-2018-07820)

U.motion Builder is a generator product from Schneider Electric France. An information disclosure vulnerability exists in Schneider Electric U.motion Builder externalframe.php. An attacker can exploit the vulnerability to obtain information about the path returned by an exception message...