43 matches found
Security Bulletin: IBM i is affected by BIND being too lenient accepting records with forged data and consuming excessive CPU when a resolver is performing DNSSEC validation [CVE-2025-40778, CVE-2026-1519].
Summary: Domain Name System for IBM i is vulnerable to BIND being too lenient when accepting records from answers, allowing an attacker to inject forged data into cache (CVE-2025-40778), and consuming excessive CPU when a resolver is performing DNSSEC validation and encounters a maliciously crafted zon...
CVE-2026-6272
A client holding only a read JWT scope can still register itself as a signal provider through the production kuksa.val.v2 OpenProviderStream API by sending ProvideSignalRequest. 1. Obtain any valid token with only read scope. 2. Connect to the normal production gRPC API kuksa.val.v2. 3. Open...
EUVD-2026-25409
A client holding only a read JWT scope can still register itself as a signal provider through the production kuksa.val.v2 OpenProviderStream API by sending ProvideSignalRequest. 1. Obtain any valid token with only read scope. 2. Connect to the normal production gRPC API kuksa.val.v2. 3. Open...
Linux Distros Unpatched Vulnerability : CVE-2026-4292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Admin changelist forms using ModelAdmin.list_editable incorrectly allowed...
PT-2026-26556
SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery (SSRF) vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...
EulerOS Virtualization 2.13.1 : bind (EulerOS-SA-2026-1633)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker ...
EulerOS 2.0 SP13 : dhcp (EulerOS-SA-2026-1233)
According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the...
OESA-2025-2875 dhcp security update
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...
OESA-2025-2843 dhcp security update
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...
CLSA-2025-1764584370 bind: Fix of CVE-2025-40778
CVE-2025-40778: fix issue with BIND being too lenient when accepting records from answers to prevent injection of forged data into the cache...
CLSA-2025-1764321653 bind: Fix of CVE-2025-40778
CVE-2025-40778: fix issue with BIND being too lenient when accepting records from answers to prevent the injection of forged data into the cache...
CLSA-2025-1764321323 bind: Fix of CVE-2025-40778
CVE-2025-40778: fix issue with BIND being too lenient when accepting records from answers to prevent the injection of forged data into the cache...
CVE-2025-12978
Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins contain a flaw in the tag_key validation logic that fails to enforce exact key-length matching. This allows crafted inputs where a tag prefix is incorrectly treated as a full match. A remote attacker with authenticated or exposed acces...
Forge JavaScript library impacted by a vulnerability in signature verification.
Overview: The Forge JavaScript library provides TLS-related cryptographic utilities. A vulnerability that allows signature verification to be bypassed through crafted manipulation of ASN.1 structures, particularly in fields such as Message Authentication Code (MAC) data, was identified. Users of the...
PT-2025-47924
Name of the Vulnerable Software and Affected Versions: Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins (affected versions not specified). Description: The in_http, in_splunk, and in_elasticsearch input plugins within Fluent Bit have a flaw in how they validate the tag key. The...
Security Bulletin: IBM i is affected by BIND accepting records with untrusted data, predictable port and query ID, and resource exhaustions in Domain Name System due to multiple vulnerabilities.
Summary: Domain Name System for IBM i is vulnerable to BIND accepting records with forged data (CVE-2025-40778), prediction of port and ID due to weakness in pseudo random number generator (CVE-2025-40780), various resource exhaustions when being flooded with valid or invalid HTTP/2 traffic...