CVE-2026-35480

go-ipld-prime is an implementation of the InterPlanetary Linked Data IPLD spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.22.0, the DAG-CBOR decoder uses collection sizes declared in CBOR headers a...

CVE-2026-35480

CVE-2026-35480 affects the go-ipld-prime project, specifically the DAG-CBOR decoder. Prior to version 0.22.0, the decoder uses collection size hints from CBOR headers as preallocation hints for maps and lists without capping them or accounting for their cost in its allocation budget. This can lea...

CVE-2026-35480 go-ipld-prime's DAG-CBOR decoder unbounded memory allocation from CBOR headers

go-ipld-prime is an implementation of the InterPlanetary Linked Data IPLD spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.22.0, the DAG-CBOR decoder uses collection sizes declared in CBOR headers a...

CVE-2026-35480 go-ipld-prime's DAG-CBOR decoder unbounded memory allocation from CBOR headers

go-ipld-prime is an implementation of the InterPlanetary Linked Data IPLD spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.22.0, the DAG-CBOR decoder uses collection sizes declared in CBOR headers a...

go-ipld-prime 安全漏洞

go-ipld-prime is an implementation of the IPLD open-source specification interface. Versions of go-ipld-prime prior to 0.22.0 contained security vulnerabilities. These vulnerabilities stemmed from the DAG-CBOR decoder using the set size declared in the CBOR header as a hint for Go’s pre-allocatio...

ImageMagick security update

6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal SVG decoder CVE-2026-25985 6.9.10.68-7.0.5 - Fix CVE-2025-62171 and CVE-2026-23876 Orabug: 38997140 6.9.10.68-7.0.3 - Security...

Trane Tracer SC, Tracer SC+, and Tracer Concierge Memory Allocation with Excessive Size Value (CVE-2026-28253)

A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to cause a denial-of-service condition This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Oracle Linux 7 : ImageMagick (ELSA-2026-5573)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-5573 advisory. - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the interna...

go-ipld-prime: DAG-CBOR decoder unbounded memory allocation from CBOR headers

The DAG-CBOR decoder uses collection sizes declared in CBOR headers as Go preallocation hints for maps and lists. The decoder does not cap these size hints or account for their cost in its allocation budget, allowing small payloads to cause excessive memory allocation. A CBOR map or list header c...

GHSA-378J-3JFJ-8R9F go-ipld-prime: DAG-CBOR decoder unbounded memory allocation from CBOR headers

The DAG-CBOR decoder uses collection sizes declared in CBOR headers as Go preallocation hints for maps and lists. The decoder does not cap these size hints or account for their cost in its allocation budget, allowing small payloads to cause excessive memory allocation. A CBOR map or list header c...

SUSE CVE-2026-31391

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM -tfmcount leak If memory allocation fails, decrement -tfmcount to avoid blocking future reads...

EUVD-2026-18764

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM -tfmcount leak If memory allocation fails, decrement -tfmcount to avoid blocking future reads...

CVE-2026-31391

A flaw was found in the Linux kernel's atmel-sha204a component. This issue arises when the system attempts to allocate memory, and that allocation fails. If not properly handled, a resource counter, tfmcount, is not correctly decremented, leading to a resource leak. This can be exploited by a loc...

CVE-2026-23419

A flaw was found in the Linux kernel's net/rds module. This vulnerability involves a circular locking dependency within the rdstcptune function. The issue arises when the sknetrefcntupgrade function performs memory allocation while a socket lock is held, creating a deadlock with the fsreclaim loc...

CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

CVE-2026-23419

CVE-2026-23419 affects the Linux kernel’ s RDS implementation. The issue is a circular locking dependency in net/rds: a memory allocation performed inside the socket lock during the call to sk_net_refcnt_upgrade() creates a deadlock with fs_reclaim. The root cause is that sk_net_refcnt_upgrade() ...

CVE-2026-23419 net/rds: Fix circular locking dependency in rds_tcp_tune

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

PT-2026-30033

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a circular locking dependency within the rds tcp tune function. The sk net refcnt upgrade function is called while holding the socket lock, leading to a circula...

CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the lzmaindexdecoder function when processing an empty index, followed by a call to lzmaindexappend. An attacker can cause a buffer overflow and disrupt service availability by providing a specially crafted...