1973 matches found
CVE-2026-62389
ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...
PT-2026-60379
Name of the Vulnerable Software and Affected Versions affected versions not specified Description When used with the permessage-deflate extension, a WebSocket server or client may accept messages exceeding the configured maximum size. This occurs because the size limit is validated against the...
CVE-2026-59857 Vim: Out-of-bounds Write in SAL Soundfolding
Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spellsoundfoldsal in src/spell.c translates a word through a spell file's SAL sound-folding rules into a caller-owned result buffer, but its result writes are guarded with reslen MAXWLEN, allowing reslen...
openssh: OpenSSH: Denial of Service via excessive GSSAPI authentication attempts
A flaw was found in OpenSSH's Secure Shell Daemon sshd. This vulnerability allows a remote attacker to cause a denial of service by initiating an excessive number of authentication attempts. The issue arises from the mishandling of the MaxAuthTries setting specifically when using...
CVE-2026-55432 Coder's sub-agent app registration bypasses template port-sharing policy enforcement
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the CreateSubAgent RPC did not validate a requested app sharing level against the template's MaxPortSharingLevel before persisting workspace apps, letting a...
CVE-2026-55079
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, NewDataBuilder in provisionersdk/proto/dataupload.go allocated a byte slice using the client-supplied FileSize from a...
CVE-2026-60000
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...
CVE-2026-60000
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...
CVE-2026-55079 Coder's unbounded memory allocation in provisioner file upload allows authenticated denial of service
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, NewDataBuilder in provisionersdk/proto/dataupload.go allocated a byte slice using the client-supplied FileSize from a...
Improper Authorization
The CreateSubAgent RPC is vulnerable to improper authorization. The vulnerability is due to the failure to validate the requested app sharing level against the template's maximum allowed sharing level before persisting workspace apps, which allows a workspace owner to exceed the...
PYSEC-2026-1956 TensorFlow has Null Pointer Error in SparseSparseMaximum
Impact When SparseSparseMaximum is given invalid sparse tensors as inputs, it can give an NPE. python import tensorflow as tf tf.rawops.SparseSparseMaximum aindices=1, avalues = 0.1 , ashape = 2, bindices=, bvalues =2 , bshape = 2, Patches We have patched the issue in GitHub commit...
CVE-2026-21370
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...
CVE-2026-21379
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value...
Coder's sub-agent app registration bypasses template port-sharing policy enforcement
Summary The CreateSubAgent RPC did not validate a requested app sharing level against the template's MaxPortSharingLevel before persisting workspace apps, letting a workspace owner exceed the administrator's configured maximum. Note: Exploitation requires the ability to register sub-agent apps in...
GHSA-F962-QM93-MJ4C Coder's unbounded memory allocation in provisioner file upload allows authenticated denial of service
Summary NewDataBuilder in provisionersdk/proto/dataupload.go allocated a byte slice using the client-supplied FileSize from a DataUpload message without an upper-bound check. Although the DRPC wire limit is 4 MiB, the FileSize value itself was unconstrained Impact An authenticated user able to...
GHSA-GV83-GQW6-9J2C GoFiber never set HSTS header in helmet middleware due to incorrect protocol check
Summary The helmet middleware in gofiber/fiber never sets the Strict-Transport-Security HSTS response header, even when HSTSMaxAge is explicitly configured, because the condition check at helmet.go:67 uses c.Protocol — which returns the HTTP protocol version string e.g., "HTTP/1.1", "HTTP/2.0" —...
EUVD-2026-41929
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value...
CVE-2026-21379
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value...
CVE-2026-21370
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...
EUVD-2026-41928
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...