SUSE SLES12 Security Update : libyang (SUSE-SU-2026:2334-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2334-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML...

MiracleLinux 8 : libyang-1.0.184-2.el8_10.ML.1 (AXSA:2026-777:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-777:01 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...

RHEL 8 : libyang (RHSA-2026:24545)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:24545 advisory. Libyang is YANG data modeling language parser and toolkit written and providing API in C. Security Fixes: libyang: libyang: Denial of Service or...

CVE-2026-41401

A flaw was found in libyang. This heap use-after-free write vulnerability, specifically within the lydparsersetdataflags function, occurs when the software incorrectly updates metadata list pointers during the freeing of non-head default metadata entries. A remote attacker can exploit this by...

EUVD-2019-10941

Malware in sbrugna...

EUVD-2019-8955

Malware in sbrugna...

EUVD-2019-10942

Malware in sbrugna...

EUVD-2021-15559

Malware in sbrugna...

EUVD-2019-10947

Malware in sbrugna...

EUVD-2019-10948

Malware in sbrugna...

EUVD-2019-10944

Malware in sbrugna...

EUVD-2021-15558

Malware in sbrugna...

EUVD-2021-15555

Malware in sbrugna...

EUVD-2021-15557

Malware in sbrugna...

EUVD-2019-8954

Malware in sbrugna...

EUVD-2023-30708

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-20393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double-free is present in libyang before v1.0-r1 in the function yyparse when an empty description is used. Applications that use libyang to parse untrusted...

Linux Distros Unpatched Vulnerability : CVE-2019-20392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key...

Linux Distros Unpatched Vulnerability : CVE-2019-20398

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference is present in libyang before v1.0-r3 in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup...

Linux Distros Unpatched Vulnerability : CVE-2019-20394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use...