3829 matches found
nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
Uncaught Exception
Overview: Affected versions of this package are vulnerable to Uncaught Exception via the eventstream decoder process. An attacker can cause the host process to terminate unexpectedly by sending a crafted EventStream response frame containing a header value type byte outside the valid range...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006730)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006730 advisory. In the Linux kernel, the following vulnerability has been resolved: "net, hsr: reject HSR frame if skb can't hold tag". Receiving HSR frame with insufficient space to...
RHEL 8 : nodejs:22 (RHSA-2026:7123)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7123 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
CVE-2026-21367
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...
CVE-2026-21381
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...
CLEANSTART-2026-EJ93145 attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames
Multiple security vulnerabilities affect the kube-state-metrics package. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. See references for individual vulnerability details...
EUVD-2026-19320
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...
PYSEC-2026-144
vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The num_frames...
CVE-2026-34755
vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The num_frames...
CVE-2026-34755
vLLM's VideoMediaIO.load_base64("video/jpeg") path has an unbounded frame-splitting bug: data.split(",") bypasses the intended frame-count limit (default 32) used by the binary path, allowing a single request with thousands of comma-separated base64 JPEG frames. This can cause the server to decod...
CVE-2026-34755 vLLM Affected by Denial of Service via Unbounded Frame Count in video/jpeg Base64 Processing
vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The num_frames...
EUVD-2026-19350
vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The num_frames...
CVE-2026-21381 Buffer Over-read in WLAN Firmware
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...
CVE-2026-21367 Buffer Over-read in WLAN Firmware
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...
CVE-2026-21367
Technical details such as affected vendors, products, versions, and root cause are not publicly provided in the connected documents. Monitor for updates from Red Hat, ENISA, CVE references, and vendor advisories for concrete remediation information.
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a series of chipsets developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from handling non-standard FILS discovery frames with oversized operations during initial scanning, potentially leading to sudden...