391 matches found
CVE-2026-41401
A flaw was found in libyang. This heap use-after-free write vulnerability, specifically within the lydparsersetdataflags function, occurs when the software incorrectly updates metadata list pointers during the freeing of non-head default metadata entries. A remote attacker can exploit this by...
CVE-2026-41401 affecting package libyang for versions less than 2.1.148-3
CVE-2026-41401 affecting package libyang for versions less than 2.1.148-3. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2026-41401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing...
OPENSUSE-SU-2026:10880-1 libyang-devel-3.13.6-3.1 on GA media
These are all security issues fixed in the libyang-devel-3.13.6-3.1 package on the GA media of openSUSE Tumbleweed...
libyang - Heap Use-After-Free Write in XML Metadata Parsing
...
OPENSUSE-SU-2026:10868-1 libyang-devel-3.13.6-2.1 on GA media
These are all security issues fixed in the libyang-devel-3.13.6-2.1 package on the GA media of openSUSE Tumbleweed...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the lydparsersetdataflags function. An attacker can cause process crashes or potentially execute arbitrary code by submitting crafted YANG XML documents with specific metadata attributes to applications that parse...
CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
DEBIAN-CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
UBUNTU-CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401
CVE-2026-41401 affects libyang prior to 5.2.6, where a heap-use-after-free occurs in lyd_parser_set_data_flags due to incorrect updates to metadata list pointers when freeing non-head default metadata entries. This can be triggered by submitting crafted YANG XML documents with specific metadata a...
CVE-2026-41401 libyang - Heap Use-After-Free Write in XML Metadata Parsing
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401 libyang - Heap Use-After-Free Write in XML Metadata Parsing
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
EUVD-2026-31832
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
libyang 安全漏洞
LibYang is an open-source YANG data modeling language parser and toolkit developed in C language by CESNET. Versions of LibYang prior to 5.2.6 contained security vulnerabilities. These vulnerabilities stemmed from a write vulnerability in the lyd parsersetdataflags function, which allowed attacke...
PT-2026-43252
Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.6 Description A heap use-after-free write occurs in the lyd parser set data flags function. This happens when the software incorrectly updates metadata list pointers while freeing non-head default metadata entries...
CVE-2026-44673 affecting package libyang for versions less than 2.1.148-2
CVE-2026-44673 affecting package libyang for versions less than 2.1.148-2. A patched version of the package is available...