121 matches found
CVE-2026-40197
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...
CVE-2026-40197
Incus CVE-2026-40197 describes a nil-pointer dereference in the custom volume import path. During import, the code iterates over srcBackup.Config.VolumeSnapshots and dereferences each element without validating it, allowing an attacker-controlled null entry in volume_snapshots to crash the daemon...
CVE-2026-40195 Incus nil-pointer dereference in storage bucket import allows denial of service
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bucket import logic allows an authenticated user with access to the storage bucket feature to cause the Incus daemon to crash. The vulnerability is present in the backup...
PT-2026-37259
Name of the Vulnerable Software and Affected Versions GoBGP versions prior to 4.5.0 Description An unauthenticated remote BGP peer can cause a fatal panic and complete loss of service availability by sending a specially crafted BGP UPDATE message. When the server receives a message with...
Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS (gatekeeper.go)
Summary A nil pointer dereference in server/auth/gatekeeper.go rbacAuthorization causes a panic denial of service for SSO users whose claims match a namespace-level RBAC rule but not an SSO-namespace rule, when SSODELEGATERBACTONAMESPACE=true. Details When getServiceAccountclaims, ssoNamespace...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the restore process when handling a crafted backup archive containing a valid backup/index.yaml and a malformed legacy backup.yaml file that omits the container section. An attacker can cause the daemon to...
GHSA-FWJ8-62R8-8P8M Incus has Nil-Pointer Dereference via S3 Bucket Import
Summary Missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. Details It was found that TransferManager.UploadAllFiles iterates over tar entries but only checks for io.EOF from tr.Next. When tr.Next...
Incus has a Nil-Pointer Dereference via Custom Volume Import
Summary Missing validation logic in the storage volume import logic allows an authenticated user with access to Incus' storage volume feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details The custom volume...
GHSA-R7W7-MMXR-47R9 Incus has a Nil-Pointer Dereference via Custom Volume Import
Summary Missing validation logic in the storage volume import logic allows an authenticated user with access to Incus' storage volume feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details The custom volume...
Incus has a Nil-Pointer Dereference Panic via Bucket Metadata
Summary Missing validation logic in the storage bucket import logic allows an authenticated user with access to Incus' storage bucket feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details The storage bucket...
PT-2026-37101
Name of the Vulnerable Software and Affected Versions Incus versions prior to 7.0.0 Description Missing validation logic in the storage bucket import process allows an authenticated user with access to the storage bucket feature to cause the Incus daemon to crash. The issue occurs in the backup...
PT-2026-37137
Name of the Vulnerable Software and Affected Versions Incus versions prior to 7.0.0 Description Missing error handling in the TransferManager.UploadAllFiles function allows an authenticated user to cause a daemon crash. The issue occurs during the import of a truncated or corrupted storage bucket...
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...
GO-2026-4899 Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted in github.com/bishopfox/sliver
Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...
CVE-2026-33064
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...
Missing Default Case in Switch Statement
Overview Affected versions of this package are vulnerable to Missing Default Case in Switch Statement in the DataChangeNotification process due to a nil pointer dereference. An attacker can cause a panic and disrupt service availability by triggering this process with crafted input. Remediation...
GO-2026-4757 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference in github.com/free5gc/udm
free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference in github.com/free5gc/udm...
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...
CVE-2026-33064 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...
CVE-2026-33064
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...