CVE-2026-41244

Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator !== to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy CWE-208,...

EUVD-2026-12606

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification...

CVE-2026-32290 GL-iNet Comet (GL-RM1) KVM insufficient firmware verification

The GL-iNet Comet GL-RM1 KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification...

PT-2026-25841

Name of the Vulnerable Software and Affected Versions Open Neural Network Exchange ONNX versions through 1.20.1 Description ONNX is an open standard for machine learning interoperability. A security control bypass exists in the onnx.hub.load function due to flawed repository trust verification...

CVE-2025-31130

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...

gitoxide does not detect SHA-1 collision attacks

Summary gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. Details gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct G...

Buildroot Security Vulnerabilities

Buildroot is Buildroot open source set of Makefile and Patch files. It is used to simplify and automate the process of building a complete and bootable Linux environment for embedded systems. A security vulnerability exists in Buildroot version 2023.08.1 and dev commit 622698d7847, which stems fr...

Buildroot Security Vulnerabilities

Buildroot is Buildroot open source set of Makefile and Patch files. It is used to simplify and automate the process of building a complete and bootable Linux environment for embedded systems. A security vulnerability exists in Buildroot version 2023.08.1 and dev commit 622698d7847, which stems fr...

CVE-2021-26608

An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash...