CVE-2026-40943

Oxia is a metadata store and coordination system. Prior to 0.16.2, a race condition between session heartbeat processing and session closure can cause the server to panic with send on closed channel. The heartbeat method uses a blocking channel send while holding a mutex, and under specific timin...

oxia 竞争条件问题漏洞

Oxia is a distributed metadata storage and coordination system developed by Oxia. Versions of Oxia prior to 0.16.2 had a race condition vulnerability. This vulnerability stemmed from a race between session heartbeat processing and session termination, which could lead to server crashes due to...

PT-2026-34187

Oxia is a metadata store and coordination system. Prior to 0.16.2, a race condition between session heartbeat processing and session closure can cause the server to panic with send on closed channel. The heartbeat method uses a blocking channel send while holding a mutex, and under specific timin...

libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling

Description Summary The Rust libp2p Gossipsub implementation contains a remotely reachable panic in backoff expiry handling. After a peer sends a crafted PRUNE control message with an attacker-controlled, near-maximum backoff value, the value is accepted and stored as an Instant near the...