1712 matches found
aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2025-13473 via django (>=4.2.0 <=4.2.27)
django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2025-13473 Source advisory: OSV:PYSEC-2026-42...
EUVD-2025-206617
A vulnerability in danny-avila/librechat allows attackers to exploit the unrestricted Fork Function in /api/convos/fork to fork numerous contents rapidly. If the forked content includes a Mermaid graph with a large number of nodes, it can lead to a JavaScript heap out of memory error upon service...
CVE-2025-7105 Denial of Service via JavaScript Memory Overflow in danny-avila/librechat
A vulnerability in danny-avila/librechat allows attackers to exploit the unrestricted Fork Function in /api/convos/fork to fork numerous contents rapidly. If the forked content includes a Mermaid graph with a large number of nodes, it can lead to a JavaScript heap out of memory error upon service...
CVE-2025-7105
A vulnerability in danny-avila/librechat allows attackers to exploit the unrestricted Fork Function in /api/convos/fork to fork numerous contents rapidly. If the forked content includes a Mermaid graph with a large number of nodes, it can lead to a JavaScript heap out of memory error upon service...
CVE-2025-7105
The CVE-2025-7105 entry concerns danny-avila/librechat where an unrestricted Fork Function at /api/convos/fork allows rapid forking of content. If a forked item contains a Mermaid graph with many nodes, a JavaScript heap out of memory error can occur on service restart, causing a Denial of Servic...
PT-2026-5653
A vulnerability in danny-avila/librechat allows attackers to exploit the unrestricted Fork Function in /api/convos/fork to fork numerous contents rapidly. If the forked content includes a Mermaid graph with a large number of nodes, it can lead to a JavaScript heap out of memory error upon service...
OPENSUSE-RU-2026:20161-1 Recommended update for hauler
This update for hauler fixes the following issues: Changes in hauler: - Update to version 1.4.1 (bsc#1256546, CVE-2026-22772): fixed typos for containerd imports (#493); fix and support containerd imports of hauls (#492); bump github.com/sigstore/fulcio (#489) - Update to version 1.4.0: added/updated logging f...
OATH Toolkit 2.6.14
OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit...
CVE-2025-59375
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004852 advisory. In the Linux kernel, the following vulnerability has been resolved: "s390: fix double free of GS and RI CBs on fork failure". The pointers for guarded storage and runti...
PT-2026-5587
Name of the Vulnerable Software and Affected Versions: live555 (affected versions not specified). Description: A flaw exists in the rgaufman/live555 fork of live555 that could allow a remote attacker to trigger a segmentation fault within the increaseBufferTo function. Successful exploitation of this...
[SECURITY] Fedora 42 Update: mariadb11.8-11.8.5-1.fc42
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004354)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004354 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000751)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000751 advisory. A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000791)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000791 advisory. The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call tha...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003871)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003871 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000794 advisory. The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002480)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002480 advisory. The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call tha...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002940)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002940 advisory. A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002436)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002436 advisory. The arch_dup_task_struct function in the Transactional Memory TM implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platfo...