CVE-2026-43495

A flaw was found in the Linux kernel, specifically within the net: wwan: t7xx module. A malicious modem could exploit this vulnerability by sending a specially crafted message with an invalid portcount value. This could lead to a slab-out-of-bounds read, potentially allowing an attacker to access...

CVE-2026-44053

A flaw was found in Netatalk. Weak cryptography in the dhcast128 User Authentication Module UAM allows a remote attacker to potentially compromise the confidentiality and integrity of data. This vulnerability could enable unauthorized access to sensitive information or allow for the manipulation ...

SUSE CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

CLSA-2026-1779367740 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures - debian/patches/CVE-2026-42945.patch: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures -...

nginx: Fix of CVE-2026-42945

CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...

CVE-2026-5433

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

EUVD-2026-31251

Honeywell Control Network Module CNM contains insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing system files, potentially resulting in unintended access to protected data...

CVE-2026-5434

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-5434

...

CVE-2026-5434

...

CVE-2026-5433

...

CVE-2026-5433

CVE-2026-5433 is associated in connected sources with a Honeywell Control Network Module (CNM) vulnerability: the web interface allows command injection via crafted input (command delimiters), potentially enabling Remote Code Execution. The CVE entry itself labels the ID as rejected/withdrawn, bu...

EUVD-2026-31253

Honeywell Control Network Module CNM contains command injection vulnerability in the web interface. An attacker could exploit this vulnerability via command delimiters, potentially resulting in Remote Code Execution RCE...

CVE-2026-5433

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-5433

...

Malicious code in @budetzz/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2dbcccc761971dfc5f844f59f362fe32ee1e0b9a3cd91ddd4fc87be5c8b013a The package is published under the name @budetzz/libsignal-node, impersonating the well-known libsignal Signal-protocol library, but the homepage and...

CVE-2026-44053 Weak cryptography in DHCAST128 UAM

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

CVE-2026-44053

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

[SECURITY] Fedora 43 Update: opencryptoki-3.26.0-3.fc43

Opencryptoki implements the PKCS11 specification v3.0 and partially v3.1 for a set of cryptographic hardware, such as IBM 4767, 4768, 4769 and 4770 crypto cards, and the Trusted Platform Module TPM chip. Opencryptoki also brings a software token implementation that can be used without any cryptog...

[SECURITY] Fedora 44 Update: opencryptoki-3.26.0-3.fc44

Opencryptoki implements the PKCS11 specification v3.0 and partially v3.1 for a set of cryptographic hardware, such as IBM 4767, 4768, 4769 and 4770 crypto cards, and the Trusted Platform Module TPM chip. Opencryptoki also brings a software token implementation that can be used without any cryptog...