778 matches found
CVE-2026-14742
A flaw was found in langgraph. A remote attacker could exploit this vulnerability by manipulating the defaultcachekey argument within the freeze function of the Task Result Cache component. This manipulation leads to the use of a weak hash, which may result in limited information disclosure...
CVE-2026-14742
A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...
EUVD-2026-41747
A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...
CVE-2026-14742
The CVE affects langchain-ai langgraph up to 1.2.4. The vulnerability lies in the function _freeze in libs/langgraph/langgraph/_internal/_cache.py (Task Result Cache). Manipulating the argument default_cache_key causes use of a weak hash, enabling a possible remote attack. Exploitation is describ...
CVE-2026-14742 langchain-ai langgraph Task Result Cache _cache.py _freeze weak hash
A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...
CVE-2026-14742 langchain-ai langgraph Task Result Cache _cache.py _freeze weak hash
A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Quota: Fixed a livelock issue between quotactl and freezesuper. When a filesystem is frozen, quotactlblock enters a retry loop, waiting for the filesystem to thaw. It acquires sumount, checks the freeze state, releases sumount, a...
CVE-2026-55199
A vulnerability in libssh2 allows a malicious SSH server to freeze connected clients during the handshake process. By sending a malformed packet, the server triggers a loop that exhausts the client's CPU, resulting in a denial of service. Mitigation To mitigate this issue, ensure your libssh2...
DEBIAN-CVE-2026-44496
Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...
CVE-2026-44496
Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...
EUVD-2026-36259
Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...
DEBIAN-CVE-2026-10143
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.processserverfirstmessage...
Unchecked Input for Loop Condition
Overview kafka-python is a Pure Python client for Apache Kafka Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the SCRAM authentication handling. An attacker can cause the client's event loop to freeze by supplying an excessively large iteration count...
kafka-python 资源管理错误漏洞
Kafka-Python is a distributed stream processing engine client library written entirely in Python by Dana Powers. Versions of Kafka-Python prior to 2.3.2 contained a resource management vulnerability. This vulnerability stemmed from the lack of verification of the iteration count during SCRAM...
CVE-2026-5938
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
EUVD-2026-34138
In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ibmveth driver not disabling GSO for data packets with an MSS of less than 224 bytes. This...
Linux Distros Unpatched Vulnerability : CVE-2026-45895
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It...
SUSE CVE-2026-45895
In the Linux kernel, the following vulnerability has been resolved: quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It acquires sumount, checks the freeze state, drops sumount and uses...
CVE-2026-45895
A flaw was found in the Linux kernel. A local attacker could exploit a livelock condition between the quotactl and freezesuper operations. This occurs when a filesystem is frozen and the quotactlblock function enters a retry loop, preventing the system from reaching an RCU Read-Copy Update...