JLSEC-2026-16

In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...

JLSEC-2026-14

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuitdifftype function in pch.c, aka a "mangled rename" issue...

JLSEC-2026-13

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

[SECURITY] Fedora 44 Update: insight-18.0.50.20260306-2.fc44

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

EUVD-2026-17144

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

UBUNTU-CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

CVE-2026-4046

The CVE-2026-4046 issue affects the iconv() function in glibc up to version 2.43, where input conversion from IBM1390/IBM1399 can trigger an assertion failure and cause remote crashes. Affected component: GNU C Library (glibc). Underlying cause: assertion failure during character-set conversion. ...

CVE-2026-4046 iconv crash due to assertion failure with untrusted input

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the iconv function, which could crash due to assertion...

[SECURITY] Fedora 43 Update: bcftools-1.23.1-1.fc43

BCFtools is a set of utilities that manipulate genomic variant calls in the Variant Call Format VCF and its binary counterpart BCF. All commands work transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed. This BCFtools includes the polysomy subcommand, which is implemented...

OPENSUSE-SU-2026:10449-1 gsl-2.8-5.1 on GA media

These are all security issues fixed in the gsl-2.8-5.1 package on the GA media of openSUSE Tumbleweed...

ROS-20260327-73-0001

A vulnerability in GnuPG, a program for encrypting information and creating electronic digital signatures, involves insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260327-73-0004

Vulnerability in gnupg2 related to incorrect cryptographic signature verification. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

Exploit for Argument Injection in Gnu Inetutils

Telnet Vulnerability Scanner CVE-2026-24061 & CVE-2026-32746...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-006302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006302 advisory. When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size...

SUSE CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...