CVE-2026-6042

A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix...

CVE-2026-40200

An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms o...

CVE-2026-40200

An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms o...

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

AutoPwn

/ \ | | | ...

📄 glibc 2.38 Buffer Overflow

This is a local privilege escalation exploit for CVE-2023-4911, also known as "Looney Tunables", caused by a buffer overflow in the glibc dynamic loader's environment variable parsing logic. The vulnerability is triggered by crafting a maliciously long GLIBCTUNABLES string which corrupts internal...

Security update for glibc (important)

openSUSE security update: security update for glibc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20133-1 Rating: important References: bsc1236282 bsc1256436 bsc1256766 bsc1256822 bsc1257005 Cross-References: CVE-2025-0395 CVE-2025-15281...

Linux Distros Unpatched Vulnerability : CVE-2025-15281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized...

UBUNTU-CVE-2026-0915

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver...

CVE-2026-0861

Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

CVE-2026-0861

GLIBC memalign family (memalign, posix_memalign, aligned_alloc) in GNU C Library versions 2.30–2.42 is affected by an integer overflow when an input alignment is too large and the size argument is near PTRDIFF_MAX, which can lead to heap corruption. Exploitation requires the attacker to control b...

MiracleLinux 3 : kdelibs-3.5.5-11.25AXS3 (AXSA:2009-427:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-427:02 advisory. KDE Libraries include: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling...

ethical-hacking-excersises

Exploitation Techniques – Course Exercises Repository Over...

EUVD-2026-1910

Malicious code in libc-dev PyPI...

Malicious code in libc-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cb6d8dc8c1dde2d0e31a36f23ab7fbd5931d00834eef4d6ee225cada5edbb44c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-191 Malicious code in libc-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cb6d8dc8c1dde2d0e31a36f23ab7fbd5931d00834eef4d6ee225cada5edbb44c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2022-35023

OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x8664-linux-gnu/libc.so.6+0xbb384...

CVE-2022-35469

OTFCC v0.10.4 was discovered to contain a segmentation violation via /x8664-linux-gnu/libc.so.6+0xbb384...

CVE-1999-0789

Buffer overflow in AIX ftpd in the libc library...

PT-2026-26670

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.34 through 2.43 Description The GNU C Library contains a flaw where calling the gethostbyaddr or gethostbyaddr r functions with a specific nsswitch.conf configuration utilizing the library’s DNS backend may lead to a...