AZL-79500 CVE-2026-26018 affecting package coredns 1.11.4-14

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

AZL-79529 CVE-2026-26018 affecting package coredns 1.11.1-25

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

CVE-2026-26018

CoreDNS prior to version 1.14.2 contains a DoS in the loop-detection plugin due to a predictable PRNG used for a secret query name and a fatal error handler that terminates the process. The issue can crash the DNS server when processing specially crafted DNS queries and is classified with CVSS v3...

CVE-2026-26018

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

CVE-2026-26018 CoreDNS Loop Detection Denial of Service Vulnerability

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

CVE-2026-26018

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

CVE-2026-26018 CoreDNS Loop Detection Denial of Service Vulnerability

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

CVE-2026-26018 CoreDNS Loop Detection Denial of Service Vulnerability

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

CLSA-2026-1772810768 python3: Fix of CVE-2025-8194

CVE-2025-8194: tarfile: validate archives to ensure non-negative member offsets to prevent infinite loop and resource exhaustion...

PT-2026-23722

Name of the Vulnerable Software and Affected Versions CoreDNS versions prior to 1.14.2 Description CoreDNS is a DNS server that utilizes chained plugins. A denial of service condition exists in the loop detection plugin due to a predictable pseudo-random number generator PRNG used for generating ...

Cisco Nexus 3600 9500-R Series Switching Platforms Layer 2 Loop DoS (cisco-sa-nxos-ether-dos-Kv8YNWZ4)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. - A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated,...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

Medium: libpng

Issue Overview: libpng: An out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the processing of malformed DWARF debugrnglists data. An attacker can cause a denial of service by providing specially crafted input files. Remediation A fix was pushed into the master branch but no...

NewStart CGSL MAIN 6.06 (SP) : glibc Multiple Vulnerabilities (NS-SA-2026-0027)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has glibc packages installed that are affected by multiple vulnerabilities: - The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition through the processing of crafted binaries containing malformed DWARF debug information. An attacker can cause the application to crash or become unresponsive by supplying specially crafted input files...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Linux Distros Unpatched Vulnerability : CVE-2026-23234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid UAF in f2fswriteendio As syzbot reported an use-after-free issue in f2fswriteendio. It is caused by below race condition: loop device umount ...