
57 matches found

NVD
added 4 days ago, 7 views

CVE-2025-59609

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVSS 5.5, EPSS 0.00029
Exploits 0, References 1

Tenable Nessus
added 2026/05/27 12:0 a.m., 7 views

Amazon Linux 2 : runc, --advisory ALAS2DOCKER-2026-125 (ALASDOCKER-2026-125)

The version of runc installed on the remote host is prior to 1.3.4-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-125 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

CVSS 7.5, AI score 7.5, EPSS 0.00054
Exploits 0, References 16

RedHat Linux
added 2026/04/20 2:56 a.m., 3 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

CVSS 7.5, AI score 7, EPSS 0.0003
Exploits 0, References 6

RedHat Linux
added 2026/04/13 2:37 a.m., 0 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

CVSS 7.5, AI score 6.7, EPSS 0.0003
Exploits 0, References 6

Snyk
added 2026/04/03 9:51 p.m., 1 view

Allocation of Resources Without Limits or Throttling

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of a frame count limit in the loadbase64 function when processing video/jpeg...

CVSS 7.1, AI score 5.9, EPSS 0.00054
Exploits 0, References 2

CVE
added 2026/03/25 10:26 a.m., 5 views

CVE-2026-23279

CVE-2026-23279 concerns the Linux kernel’s wifi/mac80211 mesh code. The issue is a NULL pointer dereference in mesh_rx_csa_frame() when the Mesh Channel Switch Parameters IE (IE 118) is absent; elems->mesh_chansw_params_ie can be NULL after mesh_matches_local(), yet code dereferences it uncond...

CVSS 5.5, AI score 5.8, EPSS 0.00027
Exploits 0, References 8, Affected Software 1

RedhatCVE
added 2026/03/19 1:35 p.m., 1 view

CVE-2026-27135

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

CVSS 7.5, AI score 5.7, EPSS 0.0003
Exploits 0, References 5

RedhatCVE
added 2026/02/03 9:19 p.m., 1 view

CVE-2025-47402

Transient DOS when processing a received frame with an excessively large authentication information element...

CVSS 6.5, AI score 5.3, EPSS 0.00008
Exploits 0, References 1

NVD
added 2026/02/02 4:16 p.m., 2 views

CVE-2025-47402

Transient DOS when processing a received frame with an excessively large authentication information element...

CVSS 6.5, EPSS 0.00008
Exploits 0, References 1

ATTACKERKB
added 2026/02/02 3:20 p.m., 2 views

CVE-2025-47402

Transient DOS when processing a received frame with an excessively large authentication information element...

CVSS 6.5, AI score 5.3, EPSS 0.00008
Exploits 0, References 2

Positive Technologies
added 2026/02/02 12:0 a.m., 4 views

PT-2026-5678

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A temporary denial of service can occur when processing a received frame containing an excessively large authentication information element. Approximately 1000 devices worldwide may be affected. The...

CVSS 6.5, AI score 5.9, EPSS 0.00008
Exploits 0, References 5

Microsoft CVE
added 2026/01/17 9:1 a.m., 1 view

Libsoup: out-of-bounds read in libsoup websocket frame processing

...

CVSS 4.8, AI score 5.4, EPSS 0.00071
Exploits 0

RedhatCVE
added 2026/01/13 11:20 p.m., 2 views

CVE-2026-22214

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...

CVSS 9.8, AI score 7.2, EPSS 0.00087
Exploits 0, References 1

NVD
added 2026/01/13 11:16 p.m., 1 view

CVE-2026-0716

A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash...

CVSS 4.8, EPSS 0.00071
Exploits 0, References 3

CVE
added 2026/01/13 11:7 p.m., 21 views

CVE-2026-0716

CVE-2026-0716 concerns libsoup’s WebSocket frame processing. The issue arises when a non-default configuration leaves the maximum incoming payload size unset, allowing reads outside the intended bounds and potentially causing memory exposure or a crash. Multiple security advisories (SUSE openSUSE...

CVSS 4.8, AI score 6.1, EPSS 0.00071
Exploits 0, References 3

CVE
added 2025/12/22 9:30 p.m., 7 views

CVE-2025-34457

CVE-2025-34457 affects wb2osz/direwolf (Dire Wolf) up to version 1.8, prior to commit 694c954. The issue is a stack-based buffer overflow in the function kiss_rec_byte() in src/kiss_frame.c when processing frames at MAX_KISS_LEN; it appends a terminating FEND byte without reserving space, causing...

CVSS 8.7, AI score 7.3, EPSS 0.00143
Exploits 0, References 4

Snyk
added 2025/10/23 3:42 a.m., 1 view

Improper Neutralization of Null Byte or NUL Character

Overview: Affected versions of this package are vulnerable to Improper Neutralization of Null Byte or NUL Character in the LZ4F_createCDict_advanced function, when processing LZ4 frames. An attacker can cause an application to crash or trigger unintended behavior by submitting specially crafted LZ4...

CVSS 6.9, AI score 6.8
Exploits 0, References 2

EUVD
added 2025/10/23 12:0 a.m., 3 views

EUVD-2025-35652

LZ4 through 1.10.0 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4F_createCDict_advanced in lib/lz4frame.c mishandles NULL checks...

CVSS 5.9, AI score 6.8
Exploits 0, References 3

Vulnrichment
added 2025/10/23 12:0 a.m., 2 views

CVE-2025-62813

...

AI score 6.2
Exploits 0

EUVD
added 2025/10/09 6:30 p.m., 2 views

EUVD-2025-33397

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When forwarding-options sampling is enabled, receipt of any traffic destined to the...

CVSS 8.7, AI score 6.4, EPSS 0.00117
Exploits 0, References 3