PT-2026-49572

Name of the Vulnerable Software and Affected Versions Python-Multipart versions prior to 0.0.31 Description The parse form function fails to validate the Content-Length header before using it to limit the chunked read of the request body. Because the header value is parsed as an integer without a...

CVE-2026-49840

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, eslrecvevent parses Content-Length with atol and passes the result straight to malloclen ...

CVE-2026-49840

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, eslrecvevent parses Content-Length with atol and passes the result straight to malloclen ...

SUSE-SU-2026:22030-1 Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

SUSE-SU-2026:21942-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

SUSE-SU-2026:21906-1 Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

Astra Linux - уязвимость в libvirt

A flaw was discovered in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before performing the negative length check by the C API entry points. Passing a negative length to the gnew0 function results in a crash because the negative length is treate...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In iouring/net, there is a fix for a slab-out-of-bounds read in iobundlenbufs. sqe-len is defined as u32, but it is stored in sr-len, which is of type int. When userspace values of sqe-len exceed INTMAX e.g., 0xFFFFFFFF, sr-len...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the skipGroup function. An attacker can cause a service crash by sending a crafted protobuf payload with a negative length in a length-delimited field inside a group, leading to an unchecked runtime...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the skipGroup function. An attacker can cause a service crash by sending a crafted protobuf payload with a negative length in a length-delimited field inside a group, leading to an unchecked runtime...

SUSE-SU-2026:1954-1 Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: - CVE-2026-2474: negative length parameter in the XS function can lead to a heap-based buffer overflow bsc1258266. Changes for perl-Crypt-URandom: - updated to 0.550.0 0.55 - Fix for sysread/read failures. Thanks to Miha Purg for GH20 ...

USN-8268-1: Dnsmasq vulnerabilities

Andrew S. Fasano, Royce M, and Hugo Martinez Ray discovered that Dnsmasq did not allocate the necessary space to store domain names in some contexts. An attacker could possibly use this issue to write out-of-bounds, and could cause a denial of service or execute arbitrary code. CVE-2026-2291 Royc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the ofmodalias function, we can pass the str and len parameters. This could lead to a kernel oops in vsnprintf, as the function only allows passing a NULL pointer when the length is also 0. Additionally, we need to filter out...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: uaccess: A integer overflow has been fixed in the accessok function. On three architectures, the end of a user’s access is checked against the address limit, without considering the possibility of an overflow. Passing a negative...

CVE-2026-31774 io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs()

In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix slab-out-of-bounds read in iobundlenbufs sqe-len is u32 but gets stored into sr-len which is int. When userspace passes sqe-len values exceeding INTMAX e.g. 0xFFFFFFFF, sr-len overflows to a negative value. This...

EUVD-2026-26587

In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix slab-out-of-bounds read in iobundlenbufs sqe-len is u32 but gets stored into sr-len which is int. When userspace passes sqe-len values exceeding INTMAX e.g. 0xFFFFFFFF, sr-len overflows to a negative value. This...

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the Bind.Decode function. An attacker can cause unexpected memory access or application crashes by sending specially crafted input with negative parameter length to bypass validation and cause an...

DEBIAN-CVE-2026-32286

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...