
10036 matches found

OSV
added 2026/02/11 9:16 a.m. | 7 views

RLSA-2026:2225 Critical: keylime security update

Keylime is a TPM-based, highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709). For more details about the...

CVSS: 9.4 | AI score: 5.7 | EPSS: 0.05805
Exploits: 0 | References: 2

CNNVD
added 2026/02/11 12:0 a.m. | 6 views

Pion DTLS information disclosure vulnerability

Pion DTLS is an open-source Go implementation of the DTLS (Datagram Transport Layer Security) protocol. Versions of Pion DTLS from 1.0.0 to 3.1.0 have an information disclosure vulnerability. This vulnerability stems from the use of random numbers for AES GCM encryption, whi...

CVSS: 5.9 | AI score: 5.9 | EPSS: 0.00619
Exploits: 0 | References: 7

CNNVD
added 2026/02/11 12:0 a.m. | 7 views

sunbird-portal security vulnerability

sunbird-portal is an open-source portal developed by Sunbird-ED. Version 1.13.4 of sunbird-portal contains a security vulnerability. This vulnerability stems from the application disabling TLS/SSL certificate verification by setting rejectUnauthorized to false, which may allow attackers to obtain...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00282
Exploits: 0 | References: 3

CVE
added 2026/02/11 12:0 a.m. | 13 views

CVE-2025-70029

CVE-2025-70029 affects Sunbird-Ed SunbirdEd-portal v1.13.4. The issue is that TLS/SSL certificate validation is disabled by setting 'rejectUnauthorized': false in HTTP request options, which can lead to information exposure. The CVSS 3.1 vector indicates Network access with low attack complexity ...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.00282
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2026/02/11 12:0 a.m. | 5 views

PT-2026-7627

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options...

AI score: 5.5 | EPSS: 0.00282
Exploits: 0 | References: 4

ATTACKERKB
added 2026/02/11 12:0 a.m. | 2 views

CVE-2025-70029

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options...

AI score: 5.5 | EPSS: 0.00282
Exploits: 0 | References: 4

Tenable Nessus
added 2026/02/11 12:0 a.m. | 6 views

RockyLinux 10 : keylime (RLSA-2026:2225)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2225 advisory. keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication CVE-2026-1709 Tenable has...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.05805
Exploits: 0 | References: 3

vulnersOsv
added 2026/02/10 10:20 p.m. | 3 views

agent-builder (>=0.0.2 <=0.1.7), agent-memory-layer (>=0.1.0 <=0.1.1) +62 more potentially affected by CVE-2026-26013 via langchain-openai (>=1.0.0 <=1.1.7)

langchain-openai PYPI version =1.0.0, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =3.0.3, =0.0.48, =0.0.54, =0.1.2, =0.1.0, =0.1.0, =0.9.0 and more Source cves: CVE-2026-26013 Source advisory: SNYK:PYTHON-LANGCHAINOPENAI-15263095...

CVSS: 3.7 | AI score: 5.4 | EPSS: 0.00379
Exploits: 0

RedHat Linux
added 2026/02/10 12:58 p.m. | 3 views

nodejs: Nodejs denial of service

A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.01056
Exploits: 0 | References: 5

RedHat Linux
added 2026/02/10 12:54 p.m. | 2 views

nodejs: Nodejs denial of service

A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.01056
Exploits: 0 | References: 5

RedHat Linux
added 2026/02/10 12:54 p.m. | 2 views

nodejs: Nodejs denial of service

A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.01056
Exploits: 0 | References: 5

RedhatCVE
added 2026/02/10 7:33 a.m. | 6 views

CVE-2025-66598

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TLS versions, potentially allowing an attacker to decrypt communications with the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVR...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.00152
Exploits: 0 | References: 1

SUSE CVE
added 2026/02/10 12:25 a.m. | 3 views

SUSE CVE-2026-1709

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...

CVSS: 9.4 | AI score: 5.5 | EPSS: 0.05805
Exploits: 0 | References: 4

Packet Storm News
added 2026/02/10 12:0 a.m. | 4 views

Breaking 5G on the Lower Layer

As 3GPP systems have strengthened security at the upper layers of the cellular stack, plaintext PHY and MAC layers have remained relatively understudied, though interest in them is growing. In this work, we explore lower-layer exploitation in modern 5G, where recent releases have increased the...

AI score: 5.5
Exploits: 0

Packet Storm News
added 2026/02/10 12:0 a.m. | 3 views

GNU Transport Layer Security Library 3.8.12

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.01329
Exploits: 1

Packet Storm
added 2026/02/10 12:0 a.m. | 192 views

crypto/x509 TLS Certificate Parsing

This Go program demonstrates a theoretical denial of service risk associated with handling unusually large X.509 certificates in TLS connections. It programmatically generates a self-signed certificate containing a very large number of Subject Alternative Names (SANs) and configures an HTTP client ...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00451
Exploits: 2

Cvelist
added 2026/02/09 9:34 p.m. | 29 views

CVE-2026-25961 SumatraPDF Update MITM -> Arbitrary Code Execution

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installers without signature checks. A network attacker with any valid TLS certificate (e.g., Let's Encrypt) can...

CVSS: 7.5 | EPSS: 0.00445
Exploits: 4 | References: 1

Vulnrichment
added 2026/02/09 6:19 p.m. | 3 views

CVE-2026-24680 FreeRDP has a heap-use-after-free in update_pointer_new(SDL)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

CVSS: 8.7 | AI score: 5.6 | EPSS: 0.00423
Exploits: 0 | References: 2

AlpineLinux
added 2026/02/09 6:19 p.m. | 4 views

CVE-2026-24680

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

CVSS: 8.7 | AI score: 5.6 | EPSS: 0.00423
Exploits: 0

RedHat Linux
added 2026/02/09 9:44 a.m. | 11 views

Critical: Red Hat Security Advisory: keylime security update

An update for keylime is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.05805
Exploits: 0 | References: 2