PageIndex 安全漏洞

PageIndex is an open-source inference-based retrieval-enhanced generation tool developed by Vectify AI. There are security vulnerabilities in PageIndex f50e52975313c6716c02b20a119577a1929decba and previous versions of it. These vulnerabilities stem from the toctransformer function in the PDF Tabl...

Unity Linux 20.1060e / 20.1070e Security Update: pdfbox (UTSA-2026-017622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017622 advisory. In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted or fuzzed file can trigger an infinite loop which leads to an out of memory exception in...

EUVD-2026-28983

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlibworkerloop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

CVE-2026-8232

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlibworkerloop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

UBUNTU-CVE-2026-7263

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

CVE-2026-8232

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlibworkerloop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

CVE-2026-8232 Dotouch XproUPF UPF Process libvlib.so vlib_worker_loop denial of service

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlibworkerloop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

CVE-2026-8232 Dotouch XproUPF UPF Process libvlib.so vlib_worker_loop denial of service

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlibworkerloop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

CVE-2026-8232

Dotouch XproUPF 2.0.0-release-088aa7c4 contains a vulnerability in UPF Process: the function vlib_worker_loop in the library /usr/xpro/upf/tools/libs/libvlib.so can be manipulated to cause a denial of service. The available documents identify the affected component and the root cause as a manipul...

CVE-2026-7263 DoS attack via DOMNode::C14N()

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

CVE-2026-7263 DoS attack via DOMNode::C14N()

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

EUVD-2026-28981

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

CVE-2026-7263

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

PT-2026-39458

Name of the Vulnerable Software and Affected Versions PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description The DOMNode::C14N method may process XML data incorrectly, leading to the creation of a circular linked list within the data structure that represents the XML...

openSUSE 16 Security Update : mozjs128 (openSUSE-SU-2026:20674-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20674-1 advisory. - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value...

PT-2026-39460

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib worker loop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

Dotouch XproUPF 安全漏洞

Dotouch XproUPF is an intelligent conference tablet device from the Dotouch company, featuring integrated touch display and multimedia interaction capabilities. The Dotouch XproUPF 2.0.0-release-088aa7c4 version contains a security vulnerability. This vulnerability stems from a denial-of-service...

OESA-2026-2249 golang security update

. Security Fixes: SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.CVE-2026-27140 Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a...

OESA-2026-2247 golang security update

. Security Fixes: SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.CVE-2026-27140 Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a...

OESA-2026-2226 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...