GHSA-92VJ-HP7M-GWCJ Nerdbank.MessagePack has Inefficient CPU Computation

Impact Applications that call OptionalConverters.WithExpandoObjectConverter and deserialize untrusted data are open to a vulnerability by which an attacker can exploit a On² algorithm to burn an inordinate amount of CPU effort by adding a great many properties to an ExpandoObject, whose Add metho...

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to XML external entity injection (XXE) attack

Summary XML external entity injection XXE vulnerability has been identified in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2026-3603 DESCRIPTION: IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001...

GHSA-HG88-V3CW-3QRH Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta

Summary Binary delta apply intermediate-symlink traversal in malicious .delta Autoupdate/SUBinaryDeltaApply.m enforces relativePath.pathComponents containsObject:@".." and rejects writes whose immediate parent directory IS itself a symbolic link, but does not detect symlinks deeper in the relativ...

Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta

Summary Binary delta apply intermediate-symlink traversal in malicious .delta Autoupdate/SUBinaryDeltaApply.m enforces relativePath.pathComponents containsObject:@".." and rejects writes whose immediate parent directory IS itself a symbolic link, but does not detect symlinks deeper in the relativ...

GHSA-WWX6-X28X-8259 russh: Post-decompression SSH packet size was not bounded, allowing remote oversized compressed packets

Summary When SSH compression is enabled, russh accepted compressed packets whose on-wire size passed the normal transport packet-length checks but whose decompressed size was much larger. This allowed a remote peer to send oversized post-decompression packets that should have been rejected. In...

russh: Post-decompression SSH packet size was not bounded, allowing remote oversized compressed packets

Summary When SSH compression is enabled, russh accepted compressed packets whose on-wire size passed the normal transport packet-length checks but whose decompressed size was much larger. This allowed a remote peer to send oversized post-decompression packets that should have been rejected. In...

CVE-2026-46344

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

GHSA-XG9X-H37W-H3R3 ezsystems/ezpublish-legacy has a SQL injection in dfscleanup

NB: All tags and branches in this repository are past their end of life, so the vulnerability will not be fixed. The advisory is posted on the request of the researcher, for the information of anyone who might still use this software. Impact There is a security vulnerability in eZ Publish Legacy,...

ezsystems/ezpublish-legacy has a SQL injection in dfscleanup

NB: All tags and branches in this repository are past their end of life, so the vulnerability will not be fixed. The advisory is posted on the request of the researcher, for the information of anyone who might still use this software. Impact There is a security vulnerability in eZ Publish Legacy,...

unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

Summary Sender::send in src/lib.rs contains an unsafe block in the DISCONNECTED arm that transmutes a raw pointer mut Producer into the bytes of a value-level Consumer. The author's intent, visible in the surrounding comment at lines 386-390, was a value transmute. The shipped code is one level o...

GHSA-6M57-8R3P-PQX6 unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

Summary Sender::send in src/lib.rs contains an unsafe block in the DISCONNECTED arm that transmutes a raw pointer mut Producer into the bytes of a value-level Consumer. The author's intent, visible in the surrounding comment at lines 386-390, was a value transmute. The shipped code is one level o...

Exploit for CVE-2026-46376

CVE-2026-46376 — FreePBX Unauthenticated UCP Access via Hard-C...

Security Bulletin: Multiple Vulnerabilities in IBM Aspera Enterprise WebApps

Summary Multiple Vulnerabilities Addressed in IBM Aspera Enterprise WebApps Version 1.0.3 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization wh...

CVE-2026-46344

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

CVE-2026-46344 liboqs: Heap-buffer-overflow in XMSS verification path via OID-controlled parameter mismatch (xmss_commons.c:194)

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

EUVD-2026-33413

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

CVE-2026-46344 liboqs: Heap-buffer-overflow in XMSS verification path via OID-controlled parameter mismatch (xmss_commons.c:194)

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

CVE-2026-46344

CVE-2026-46344 pertains to the liboqs C library (post-quantum cryptography). Before v0.16.0, there is a heap/out-of-bounds risk in XMSS/XMSS^MT stateful signature verification when a public key’s OID points to a larger parameter set than the declared algorithm, causing xmss_sign_open / xmssmt_sig...

SUSE-SU-2026:21919-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs bsc1257631. -...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service (DoS) due to Apache Commons FileUpload

Summary Apache Commons FileUpload in WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of the parse and process HTTP requests for handling file uploads. CVE-2023-24998. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload...