
72593 matches found

Vulnrichment
added 2026/05/04 12:0 a.m., 9 views

CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

5.8 AI score, 0.00249 EPSS
Exploits: 0, References: 2

CNNVD
added 2026/05/04 12:0 a.m., 8 views

FRRouting Input Validation Error Vulnerability

FRRouting is an open-source network routing software suite developed for Unix-like platforms. Versions of FRRouting from stable/10.0 to stable/10.6 contain a vulnerability related to input validation. This vulnerability stems from the lack of input validation in the MP_REACH_NLRI component, which ma...

6.5 CVSS, 5.8 AI score, 0.00249 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2026/05/04 12:0 a.m., 7 views

PT-2026-36829

Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions stable/10.0 through stable/10.6. Description: Missing input validation in the MP_REACH_NLRI component allows authenticated attackers to cause a Denial of Service (DoS) by supplying a crafted UPDATE message. Recommendations...

7.5 CVSS, 5.8 AI score, 0.00263 EPSS
Exploits: 0, References: 34

ATTACKERKB
added 2026/05/04 12:0 a.m., 4 views

CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

5.8 AI score, 0.00249 EPSS
Exploits: 0, References: 3

EUVD
added 2026/05/04 12:0 a.m., 6 views

EUVD-2026-26977

Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

5.8 AI score, 0.00249 EPSS
Exploits: 0, References: 2

CVE
added 2026/05/04 12:0 a.m., 18 views

CVE-2026-37458

CVE-2026-37458 involves FRRouting (FRR) with a missing input validation in the MP_REACH_NLRI component, affecting FRR stable/10.0 to stable/10.6. An authenticated attacker can cause a Denial of Service by sending a crafted UPDATE message. The available connected documents confirm the affected sof...

6.5 CVSS, 5.8 AI score, 0.00249 EPSS
Exploits: 0, References: 2, Affected Software: 1

Debian CVE
added 2026/05/04 12:0 a.m., 7 views

CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

6.5 CVSS, 5.8 AI score, 0.00249 EPSS
Exploits: 0

RubySec
added 2026/05/04 12:0 a.m., 7 views

net-imap vulnerable to command Injection via "raw" arguments to multiple commands

Summary: Several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. Details: Net::IMAP's...

9.8 CVSS, 5.9 AI score, 0.00429 EPSS
Exploits: 0, References: 1, Affected Software: 1

RubySec
added 2026/05/04 12:0 a.m., 9 views

net-imap vulnerable to command Injection via unvalidated Symbol inputs

Summary: Symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. Details: Symbol arguments represent IMAP "system flags", which are formatted as "atoms" with no quoting with a "\" prefix. Vulnerable versions of Net::IMAP...

5.8 CVSS, 5.9 AI score, 0.00524 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2026/05/04 12:0 a.m., 29 views

CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

0.00249 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Themes in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially serve malicious content to a user via a crafted background URL. Chromium security severity: Low...

4.3 CVSS, 6.2 AI score, 0.00547 EPSS
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in WebKit2GTK

A validation issue has been addressed through improved input sanitization. This issue is fixed in iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, and macOS Monterey 12.2. Processing a maliciously crafted email message may result in the execution of arbitrary JavaScript code...

6.1 CVSS, 6.6 AI score, 0.01973 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 11 views

Astra Linux – Vulnerability in Apache2

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...

7.3 CVSS, 6.6 AI score, 0.03914 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in python-git

All versions of the GitPython package are vulnerable to Remote Code Execution (RCE) due to improper user input validation. This allows for the injection of a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to...

9.8 CVSS, 8.6 AI score, 0.05378 EPSS
Exploits: 1, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in glib2.0

A flaw was discovered in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, resulting in a denial of service...

7.5 CVSS, 6.8 AI score, 0.00761 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux – Vulnerability in Linux

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access...

5.5 CVSS, 6.7 AI score, 0.00286 EPSS
Exploits: 0, References: 1

GithubExploit
added 2026/05/03 8:41 p.m., 117 views

websec-sql-injection

WebSec SQL Injection: an educational backend project on security in...

5.9 AI score
Exploits: 0

GithubExploit
added 2026/05/03 3:8 a.m., 84 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Copy Fail Vulnerability Proof of Concept...

7.8 CVSS, 6.2 AI score, 0.96775 EPSS
Exploits: 228

OSV
added 2026/05/03 12:31 a.m., 6 views

GHSA-6M5F-673F-5VH7 SGLang has an Improper Input Validation/Injection Issue

A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A hi...

6.3 CVSS, 5.3 AI score, 0.00368 EPSS
Exploits: 0, References: 6

Github Security Blog
added 2026/05/03 12:31 a.m., 12 views

SGLang has an Improper Input Validation/Injection Issue

A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A hi...

6.3 CVSS, 5.6 AI score, 0.00368 EPSS
Exploits: 0, References: 6, Affected Software: 1