16273 matches found

Positive Technologies
added 2026/04/29 12:0 a.m., 3 views

PT-2026-37377

Name of the Vulnerable Software and Affected Versions: gnutls versions prior to 3.8.13-1.1. Description: Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) incorrectly match usernames containing a NUL character with truncated usernames. A remote attacker can exploit this by sendi...

CVSS 9.8 | AI score 5.8 | EPSS 0.00486
Exploits: 2 | References: 90

Tenable Nessus
added 2026/04/29 12:0 a.m., 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-015454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015454 advisory. A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the...

CVSS 3.1 | AI score 3.3 | EPSS 0.00048
Exploits: 1 | References: 4

Tenable Nessus
added 2026/04/29 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-6238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA leng...

CVSS 6.5 | AI score 5.9 | EPSS 0.00016
Exploits: 0 | References: 3

Debian CVE
added 2026/04/28 4:43 p.m., 2 views

CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...

CVSS 6.5 | AI score 5.5 | EPSS 0.00016
Exploits: 0

EUVD
added 2026/04/28 4:43 p.m., 2 views

EUVD-2026-26071

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...

CVSS 6.5 | AI score 5.5 | EPSS 0.00016
Exploits: 0 | References: 2

OSV
added 2026/04/28 3:16 p.m., 1 view

DEBIAN-CVE-2026-40556

Bulletin has no description...

CVSS 2.1 | AI score 4.9
Exploits: 0 | References: 1

UbuntuCve
added 2026/04/28 3:16 p.m., 1 view

CVE-2026-40556

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.7
Exploits: 0 | References: 1

RedhatCVE
added 2026/04/28 3:1 p.m., 0 views

CVE-2026-5435

A flaw was found in glibc, the GNU C Library. Specifically, deprecated functions responsible for printing TSIG (Transaction Signature) records fail to properly manage memory buffers. This oversight can lead to an out-of-bounds write when processing specially crafted TSIG records. An attacker could...

CVSS 7.3 | AI score 5.7 | EPSS 0.00049
Exploits: 0 | References: 5

Debian CVE
added 2026/04/28 1:54 p.m., 2 views

CVE-2026-40556

Removed by vendor...

AI score 5.2
Exploits: 0

EUVD
added 2026/04/28 1:54 p.m., 0 views

EUVD-2026-26053

GNU nano creates the user’s /.local directory with overly permissive permissions when the directory does not exist yet. On first use of features requiring Cross-Desktop Group (XDG) data storage, nano explicitly requests directory mode 0777, making the directory world-writable in environments where...

CVSS 2.1 | AI score 5.3
Exploits: 0 | References: 3

ATTACKERKB
added 2026/04/28 1:54 p.m., 4 views

CVE-2026-40556

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.2
Exploits: 0 | References: 4

OSV
added 2026/04/28 1:19 p.m., 2 views

DEBIAN-CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

CVSS 7.3 | AI score 5.6 | EPSS 0.00049
Exploits: 0 | References: 1

ATTACKERKB
added 2026/04/28 11:58 a.m., 3 views

CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

AI score 5.5 | EPSS 0.00049
Exploits: 0 | References: 3 | Affected Software: 1

Debian CVE
added 2026/04/28 11:58 a.m., 4 views

CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

CVSS 7.3 | AI score 5.5 | EPSS 0.00049
Exploits: 0

Vulnrichment
added 2026/04/28 11:58 a.m., 1 view

CVE-2026-5435 Potential buffer overflow in ns_sprintrrf TSIG handling path

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

AI score 5.5 | EPSS 0.00049
Exploits: 0 | References: 2

CVE
added 2026/04/28 11:58 a.m., 22 views

CVE-2026-5435

CVE-2026-5435 affects the GNU C Library (glibc) where deprecated functions for printing TSIG records (ns_printrrf, ns_printrr, fp_nquery) do not respect caller buffer lengths, enabling an out-of-bounds write in versions 2.2 and newer. This can lead to a denial of service and, in some scenarios, p...

CVSS 7.3 | AI score 5.5 | EPSS 0.00049
Exploits: 0 | References: 2 | Affected Software: 1

Fedora
added 2026/04/28 1:14 a.m., 4 views

[SECURITY] Fedora 42 Update: cockpit-357-2.fc42

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

CVSS 9.8 | AI score 5.2 | EPSS 0.26505
Exploits: 3

CNNVD
added 2026/04/28 12:0 a.m., 5 views

GNU C Library security vulnerability

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.2 and later contain security vulnerabilities. These vulnerabilities arise when functions such as nsprintrrf, nsprintrr, and fpnquery handle...

CVSS 6.5 | AI score 5.8 | EPSS 0.00016
Exploits: 0 | References: 1

CNNVD
added 2026/04/28 12:0 a.m., 6 views

GNU nano security vulnerability

GNU nano is a lightweight terminal text editor from the GNU community in the United States. Versions of GNU nano prior to 9.0 contained security vulnerabilities. These vulnerabilities stemmed from overly permissive permissions when creating the user’s /.local directory. This could allow local...

AI score 5.8
Exploits: 0 | References: 1

OSV
added 2026/04/27 4:55 p.m., 3 views

CLSA-2026-1777308938 gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

CVSS 7.8 | AI score 5.8 | EPSS 0.00288
Exploits: 1 | References: 1