UBUNTU-CVE-2026-42484

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

CVE-2026-43044

The CVE-2026-43044 issue affects the Linux kernel's crypto: caam module. When processing HMAC keys longer than the block size, the copied key’s memory was not properly aligned for DMA, risking corruption of adjacent memory. The vulnerability’s root cause was the allocation of a copy that relied o...

CVE-2026-31719

In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...

CVE-2026-31719

In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...

CVE-2026-31719 crypto: krb5enc - fix async decrypt skipping hash verification

In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...

CVE-2026-31719

CVE-2026-31719 concerns the Linux kernel crypto/krb5enc async decrypt path where the skcipher completion could bypass the hash verification, bypassing integrity checks. The root cause is krb5enc_dispatch_decrypt() signaling completion without invoking krb5enc_dispatch_decrypt_hash(). The fix adds...

EUVD-2026-26528

In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...

Exploit for External Control of File Name or Path in Microsoft

CVE-2025-24054 PoC A simple Proof of Concept for CVE-2025-2...

OSV-2026-659 Heap-buffer-overflow in ___interceptor_strncpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=507904196 Crash type: Heap-buffer-overflow WRITE Crash state: interceptorstrncpy concathashstring ndpisearchsshtcp...

hashcat 缓冲区错误漏洞

Hashcat is a high-performance password recovery and cracking tool developed by Hashcat developers. Version 7.1.2 of Hashcat contains a buffer overflow vulnerability. This vulnerability stems from the hextobinary function in the PKZIP hash parser, which has a heap-based buffer overflow. This occur...

CVE-2026-42483

CVE-2026-42483 describes a heap-based buffer overflow in the Kerberos hash parser of hashcat v7.1.2, affecting the module_hash_decode path in multiple Kerberos-related modules. The root cause is that account_info_len is calculated from untrusted delimiter positions without upper-bound validation,...

PT-2026-36349

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the krb5enc dispatch decrypt function allows asynchronous decryption to bypass integrity verification. The function sets the caller's completion handler as the callback, which...

CVE-2026-42483

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects modulehashdecode in multiple Kerberos-related modules because accountinfolen is...

PT-2026-36352

Name of the Vulnerable Software and Affected Versions hashcat version 7.1.2 Description A heap-based buffer overflow exists in the Kerberos hash parser. The issue occurs within the module hash decode function across several Kerberos-related modules. It is caused by the account info len variable...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the crypto authencesn module failing to save the high sequence bits in dst when decrypting out-of-place,...

CVE-2026-42484

Hashcat v7.1.2 contains a heap-based buffer overflow in the PKZIP hash parser’s hex_to_binary function. When data_type_enum

EUVD-2026-26531

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the asynchronous decryption of krb5enc without hashing verification, potentially allowing for...

CVE-2026-42484

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

CVE-2026-42484

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...