Lucene search
K

7 matches found

EUVD
EUVD
added 2026/07/06 7:51 p.m.7 views

EUVD-2026-24978

comm: lossy UTF-8 conversion silently corrupts non-UTF-8 output...

3.3CVSS5.9AI score0.00176EPSS
Exploits1References6
OSV
OSV
added 2026/04/22 6:31 p.m.8 views

GHSA-HWHF-8P2F-45WR Duplicate Advisory: coreutils' comm utility silently corrupts data by performing lossy UTF-8 conversion on all output lines

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6gcw-w7cp-94g9. This link is maintained to preserve external references. Original Description The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines...

3.3CVSS5.9AI score0.00176EPSS
Exploits1References6
NVD
NVD
added 2026/04/22 5:16 p.m.7 views

CVE-2026-35346

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS0.00176EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/22 4:7 p.m.30 views

CVE-2026-35346 uutils coreutils comm Silent Data Corruption via Lossy UTF-8 Normalization

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS0.00176EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:7 p.m.3 views

CVE-2026-35346

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS5.8AI score0.00176EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34482

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The comm utility silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation utilizes the String::from utf8 lossy function, which replaces...

3.3CVSS6AI score0.00176EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-35346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses...

3.3CVSS5.8AI score0.00176EPSS
Exploits1References3
Rows per page
Query Builder