1404 matches found
Astra Linux – Vulnerability in Golang-1.15
In Go versions before 1.15.13, and in 1.16.x before 1.16.5, a panic can occur when a large exponent is passed to the math/big.Rat SetString or UnmarshalText method...
Astra Linux – Vulnerability in pillow
In Pillow’s PIL.ImageMath.eval before version 9.0.0, it was possible to evaluate arbitrary expressions, including those that used the Python exec method. A lambda expression could also be used...
Astra Linux – Vulnerability in pillow
Pillow through 10.1.0 allows for arbitrary code execution via the environment parameter. This is a different vulnerability than CVE-2022-22817, which involved the expression parameter...
[SECURITY] Fedora 43 Update: glibc-2.42-12.fc43
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
CVE-2026-41238
DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype pollution-based XSS bypass. When an application uses DOMPurify.sanitize with the default configuration (no CUSTOM_ELEMENT_HANDLING option), a prior prototype...
EUVD-2026-25146
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
Eval Injection
Overview: verl (Volcano Engine Reinforcement Learning for LLM). Affected versions of this package are vulnerable to Eval Injection via the math_equal function. An attacker can execute arbitrary code by supplying crafted input that is processed by an unsafe evaluation mechanism. Remediation...
GHSA-H57C-V2V3-5V3V verl's math_equal() Vulnerable to Arbitrary Code Execution via Unsafe eval()
A vulnerability was identified in ByteDance verl up to 0.7.1. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
verl's math_equal() Vulnerable to Arbitrary Code Execution via Unsafe eval()
A vulnerability was identified in ByteDance verl up to 0.7.1. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
CVE-2026-6878
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
CVE-2026-6878 ByteDance verl grader.py math_equal sandbox
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
CVE-2026-6878
Technical details are not publicly available in the provided documents for CVE-2026-6878. Monitor for updates as new information may be added.
PT-2026-34591
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007005)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007005 advisory. In the Linux kernel, the following vulnerability has been resolved: "block: avoid possible overflow for chunk_sectors check in blk_stack_limits()". In blk_stack_limits(), we che...
org.webjars.npm:built-in-math-eval (=0.3.0), org.webjars.npm:interval-arithmetic-eval (=0.4.6) potentially affected by CVE-2026-41507 via org.webjars.npm:math-codegen (=0.3.5)
org.webjars.npm:math-codegen MAVEN version =0.3.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:math-codegen and may be impacted: - org.webjars.npm:built-in-math-eval =0.3.0 - org.webjars.npm:interval-arithmetic-eval =0.4.6 Source cve...
built-in-math-eval (>=0.1.0 <=0.3.1), function-plot (>=1.0.0 <=1.14.0) +1 more potentially affected by CVE-2026-41507 via math-codegen (>=0.2.5 <=0.4.2)
math-codegen NPM version =0.2.5, =0.1.0, =1.0.0, =0.2.0, =0.5.2 Source cves: CVE-2026-41507 Source advisory: OSV:GHSA-P6X5-P4XF-CC4R...
built-in-math-eval (>=0.1.0 <=0.3.1), function-plot (>=1.0.0 <=1.14.0) +1 more potentially affected by CVE-2026-41507 via math-codegen (>=0.2.5 <=0.4.2)
math-codegen NPM version =0.2.5, =0.1.0, =1.0.0, =0.2.0, =0.5.2 Source cves: CVE-2026-41507 Source advisory: SNYK:JS-MATHCODEGEN-16420747...
Arbitrary Code Injection
Overview: math-codegen generates code from mathematical expressions. Affected versions of this package are vulnerable to Arbitrary Code Injection via the parse function. An attacker can execute arbitrary code by supplying crafted input that is injected directly into a dynamically created...