GHSA-XMFJ-7PP5-FXR6 Llama Stack exposes secret in initialization log

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

Llama Stack exposes secret in initialization log

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

CVE-2026-25211

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

CVE-2026-25211

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2025-4478: Fixed initialization of function pointers after resource allocations bsc1243109 CVE-2026-22851: Fixed RDPGFX ResetGraphics race leading to use-after-free in SDL client sdl-primary bsc1256717 CVE-2026-22852: Fixed...

CVE-2026-25211

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

EUVD-2026-5041

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

CVE-2026-25211

Llama Stack (llama-stack)

CVE-2026-25211

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

PT-2026-5384

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

Exploit for CVE-2025-15467

CVE-2025-15467 Stack buffer overflow in OpenSSL CMS AuthEnvel...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

SUSE CVE-2026-22988

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

CVE-2025-15467

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

SUSE CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...