CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

CLSA-2026-1778487942 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

CLSA-2026-1778487863 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

PT-2026-39702

Name of the Vulnerable Software and Affected Versions dnsmasq affected versions not specified Description A buffer overflow in the extract addresses function allows an attacker to trigger a heap out-of-bounds read and cause a crash. This occurs when a malformed DNS response is processed, enabling...

Linux Distros Unpatched Vulnerability : CVE-2026-5172

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in dnsmasq's extractaddresses function allows an attacker to trigger a heap out-of- bounds read and crash by exploiting a malformed DNS...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from a buffer overflow in the extractaddresses function. This vulnerability allows attackers to trigger heap-based out-of-bounds reads by exploiting malformed DNS responses, causing a...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from the extractname function being exploitable, leading to a heap buffer overflow. This allows attackers to inject fake DNS cache entries, potentially redirecting DNS queries to...

Outline 路径遍历漏洞

Outline is an open-source knowledge base developed by Outline. Versions of Outline prior to 1.7.0 contained a path traversal vulnerability. This vulnerability stemmed from ZipHelper.extract’s use of trimFileAndExt to pass the entire file system path during path extraction. When the nested paths o...

OESA-2026-2238 pdfbox security update

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

CVE-2026-42453

Termix is affected by a command injection in the file-manager.ts endpoints extractArchive and compressFiles due to the use of double-quoted strings for shell construction, enabling $(command) substitution on the remote SSH host. This vulnerability (CVE-2026-42453) can lead to arbitrary command ex...

CVE-2026-44340

PraisonAI prior to 4.6.37 does not validate member.linkname or reject symlink/hardlink archive members in _safe_extractall, and calls tar.extractall(dest_dir) without a data filter. A bundle could contain a symlink inside dest_dir with a linkname outside it, followed by a file path traversing the...

PT-2026-39007

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.6.37 Description The safe extractall helper function, used in recipe pull, recipe publish, and recipe unpack flows, fails to validate member.linkname and does not reject symlink or hardlink members. Additionally, ...

Termix 命令注入漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.1.0 contained a command injection vulnerability. This vulnerability stemmed from the use of double-quoted strings in the extractArchive and compressFiles endpoints, which allowed for...

vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

Summary The extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash is triggered when any request in the batch uses sampling penalty parameters...

Incorrect Type Conversion or Cast

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast through the extracthiddenstates speculative decoding. An attacker can cause the server to crash and disrupt servic...

BIT-JAVA-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...

PT-2026-37813

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract cc from data function within qtdemux.c. In the FOURCC c708 case, the subtraction atom length - 8 may result in an underflow if atom length is less than 8. When that...

CVE-2026-42076

Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command injection vulnerability in the extractLLM function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to...

CVE-2026-42076

Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command injection vulnerability in the extractLLM function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to...