3882 matches found
PT-2026-36543
Name of the Vulnerable Software and Affected Versions: bandit versions 0.5.0 through 1.10.x. Description: An allocation of resources without limits or throttling allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in the handle_frame/3 function within...
EUVD-2025-209596
CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. Fixed in 2026.2.2...
CLSA-2026-1777446601 Fix CVE(s): CVE-2020-13935
SECURITY UPDATE: denial of service via crafted WebSocket frame with a 64-bit payload length whose most significant bit is set. The extended payload length read in WsFrameBase.processRemainingHeader was assembled into a Java long without validation. With bit 63 set the value became negative, which...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libsoup (UTSA-2026-015475)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015475 advisory. A flaw was found in libsoup's WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload...
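The bandit, CryptPad, Tomcat (CVE-2020-13935) and libsoup entries above come down to one check: the WebSocket payload length must be validated and capped before any buffer is allocated, and fragment reassembly needs its own total budget. The parser below is an added example written for this page, not code from any of those projects. The type and function names, the 1 MiB per-frame cap (`WS_MAX_PAYLOAD`) and the sample frames are assumptions chosen for the illustration; `naive_signed_check_accepts` reproduces the signed-length pattern the Tomcat advisory describes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example: a WebSocket frame-header parser (RFC 6455 section 5.2) that
 * validates the extended payload length before the caller allocates anything.
 * Names, the WS_MAX_PAYLOAD policy and the sample frames are assumptions made
 * for this illustration; none of this is bandit, CryptPad, Tomcat or libsoup code. */

#define WS_MAX_PAYLOAD (1ULL << 20)   /* assumed per-frame cap: 1 MiB */

enum ws_status { WS_OK = 0, WS_NEED_MORE = 1, WS_PROTOCOL_ERROR = 2, WS_TOO_LARGE = 3 };

typedef struct {
    uint8_t  fin, opcode, masked;
    uint64_t payload_len;
    size_t   header_len;   /* bytes consumed by the header, masking key included */
} ws_header;

static uint64_t be64(const uint8_t *p) {
    uint64_t v = 0;
    for (int i = 0; i < 8; i++) v = (v << 8) | p[i];
    return v;
}

/* The unsafe pattern behind CVE-2020-13935: the 8-byte length is assembled into a
 * signed 64-bit value (a Java long) and compared with "len <= max". With bit 63
 * set the value is negative, so the check passes for an enormous frame. */
int naive_signed_check_accepts(const uint8_t *ext_len, int64_t max) {
    int64_t len = (int64_t)be64(ext_len);   /* two's complement on all relevant targets */
    return len <= max;
}

enum ws_status ws_parse_header(const uint8_t *buf, size_t n, ws_header *out) {
    if (n < 2) return WS_NEED_MORE;
    out->fin    = buf[0] >> 7;
    out->opcode = buf[0] & 0x0f;
    out->masked = buf[1] >> 7;
    uint64_t len = buf[1] & 0x7f;
    size_t pos = 2;

    if (len == 126) {
        if (n < 4) return WS_NEED_MORE;
        len = ((uint64_t)buf[2] << 8) | buf[3];
        if (len < 126) return WS_PROTOCOL_ERROR;      /* must use the minimal encoding */
        pos = 4;
    } else if (len == 127) {
        if (n < 10) return WS_NEED_MORE;
        len = be64(buf + 2);
        if (len >> 63) return WS_PROTOCOL_ERROR;       /* RFC 6455: the MSB MUST be 0 */
        if (len < 65536) return WS_PROTOCOL_ERROR;     /* must use the minimal encoding */
        pos = 10;
    }
    /* Control frames (opcode bit 3 set) may not be fragmented or exceed 125 bytes. */
    if ((out->opcode & 0x08) && (len > 125 || !out->fin)) return WS_PROTOCOL_ERROR;
    /* Enforce the size policy here, before the body is read or buffered. */
    if (len > WS_MAX_PAYLOAD) return WS_TOO_LARGE;

    if (out->masked) {
        if (n < pos + 4) return WS_NEED_MORE;
        pos += 4;
    }
    out->payload_len = len;
    out->header_len  = pos;
    return WS_OK;
}

/* Reassembly budget for fragmented messages (the bandit and CryptPad entries):
 * refuse a fragment that would push the message past max_message. Precondition:
 * *accumulated <= max_message, so the subtraction itself cannot wrap. */
enum ws_status ws_reassembly_add(uint64_t *accumulated, uint64_t frag_len, uint64_t max_message) {
    if (frag_len > max_message - *accumulated) return WS_TOO_LARGE;
    *accumulated += frag_len;
    return WS_OK;
}

int main(void) {
    /* Constructed frames: a text frame claiming 2^63 bytes, and a 5-byte masked one. */
    const uint8_t huge[10] = {0x81, 0x7f, 0x80, 0, 0, 0, 0, 0, 0, 0};
    const uint8_t tiny[6]  = {0x81, 0x85, 0x11, 0x22, 0x33, 0x44};
    ws_header h;
    printf("naive signed check accepts 2^63: %d\n",
           naive_signed_check_accepts(huge + 2, (int64_t)WS_MAX_PAYLOAD));
    printf("parser verdict for 2^63: %d (2 = protocol error)\n",
           ws_parse_header(huge, sizeof huge, &h));
    printf("parser verdict for 5-byte frame: %d, header %zu bytes\n",
           ws_parse_header(tiny, sizeof tiny, &h), h.header_len);
    return 0;
}
```

The point of ordering the checks this way is that the size decision is made from the header alone: a frame that fails the MSB, minimal-encoding or cap test is rejected before a single payload byte is read, so a client cannot make the server commit memory by merely announcing a length.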
CVE-2026-41400
OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...
CVE-2026-41400 OpenClaw < 2026.3.31 - Resource Consumption via Oversized WebSocket Frames in voice-call
OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...
EUVD-2026-26108
OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...
CVE-2026-41400
OpenClaw (voice-call component) before 2026.3.31 is affected by an incomplete fix for CVE-2026-32062: the voice-call module parses oversized WebSocket frames before start validation, allowing remote attackers to cause resource consumption and denial of service. Affected package: openclaw and @ope...
OpenClaw security vulnerability
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities were due to incomplete fixes to CVE-2026-32062, which could allow remote attackers to send excessively large pre-boo...
PT-2026-35784
OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...
SUSE CVE-2026-31649
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode. The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is BUF_SIZE_8KiB or BUF_SIZE_2KiB...
DEBIAN-CVE-2026-31649
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode. The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is BUF_SIZE_8KiB or BUF_SIZE_2KiB...
CVE-2026-31649
The CVE-2026-31649 issue affects the Linux kernel’s stmmac driver, where jumbo_frm() can underflow when processing fragmented packets. If nopaged_len is small but skb->len is large, len = nopaged_len - buf_len (with buf_len clamped to min(nopaged_len, bmax)) can still yield a large unsigned va...
CVE-2026-31649
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode. The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is BUF_SIZE_8KiB or BUF_SIZE_2KiB...
CVE-2026-31649 net: stmmac: fix integer underflow in chain mode
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode. The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is BUF_SIZE_8KiB or BUF_SIZE_2KiB...
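The stmmac entries above describe len = nopaged_len - bmax wrapping when the linear part of the skb is shorter than bmax. The C below is an added illustration for this page, not the driver code and not the upstream fix: it reproduces that unsigned arithmetic using the names from the advisory text (nopaged_len, bmax, BUF_SIZE_8KiB, BUF_SIZE_2KiB), puts a guarded version beside it, and uses walk_chain as a constructed stand-in for the descriptor loop to show what a wrapped length does to a finite ring.

```c
#include <stdint.h>
#include <inttypes.h>
#include <stdio.h>

/* Added illustration of the CVE-2026-31649 arithmetic; not the stmmac driver code
 * and not the kernel fix. The constants mirror the names used in the advisory text. */
#define BUF_SIZE_8KiB 8192u
#define BUF_SIZE_2KiB 2048u

/* Flawed form from the entry: the subtraction is done unconditionally with
 * unsigned operands, so nopaged_len < bmax wraps to a value near 2^32. */
uint32_t chain_len_vulnerable(uint32_t nopaged_len, uint32_t bmax) {
    uint32_t len = nopaged_len - bmax;
    return len;
}

/* Guarded form: only the linear bytes beyond the first descriptor are chained;
 * when the whole linear part fits in one descriptor there is nothing to chain. */
uint32_t chain_len_fixed(uint32_t nopaged_len, uint32_t bmax) {
    return nopaged_len > bmax ? nopaged_len - bmax : 0;
}

/* Constructed stand-in for the descriptor walk: returns how many chained
 * descriptors `len` bytes would consume, stopping when the ring is exhausted
 * (a real ring would be overrun or corrupted at that point). */
uint32_t walk_chain(uint32_t len, uint32_t bmax, uint32_t ring_size) {
    uint32_t used = 0;
    while (len > 0 && used < ring_size) {
        uint32_t chunk = len > bmax ? bmax : len;
        len -= chunk;
        used++;
    }
    return used;
}

int main(void) {
    uint32_t bmax = BUF_SIZE_8KiB;
    uint32_t nopaged_len = 100;   /* short linear part: most of the skb lives in page frags */
    uint32_t ring = 256;
    printf("vulnerable len: %" PRIu32 "\n", chain_len_vulnerable(nopaged_len, bmax));
    printf("descriptors consumed: %" PRIu32 " of %" PRIu32 " (ring exhausted)\n",
           walk_chain(chain_len_vulnerable(nopaged_len, bmax), bmax, ring), ring);
    printf("fixed len: %" PRIu32 ", descriptors: %" PRIu32 "\n",
           chain_len_fixed(nopaged_len, bmax),
           walk_chain(chain_len_fixed(nopaged_len, bmax), bmax, ring));
    return 0;
}
```

The trigger condition is ordinary traffic, not a malformed packet: any skb whose linear region is smaller than bmax but whose total length exceeds bmax takes the jumbo path with a wrapped len, which is why the entry classes it as an underflow rather than a parsing bug.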
nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
Important: Red Hat Security Advisory: nodejs:20 security update
An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
CVE-2026-34062
nimiq-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, MessageCodec::read_request and read_response call read_to_end on inbound substreams, so a remote peer can send only a partial frame and keep the substream open. Because Behaviour::new also sets...