CVE-2026-44324

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueId does n...

GHSA-J59F-X285-69JX free5GC's NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference

Summary free5GC's NEF PATCH /3gpp-pfd-management/v1/afId/transactions/transId/applications/appId handler panics with a nil-pointer dereference when the upstream UDR call fails AND the consumer wrapper returns err != nil together with a nil ProblemDetails. The handler's errPfdData != nil branch...

NATS Server panic via malicious compression on leafnode port

...

CVE-2026-21895 rsa crate has potential panic on a prime being equal to 1

The rsa crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is 1. Version 0.9.10 fixes the issue...

CVE-2026-21895 rsa crate has potential panic on a prime being equal to 1

The rsa crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is 1. Version 0.9.10 fixes the issue...

CVE-2026-21895 rsa crate has potential panic on a prime being equal to 1

The rsa crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is 1. Version 0.9.10 fixes the issue...

openSUSE 16 Security Update : act (openSUSE-SU-2025-20138-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2025-20138-1 advisory. - CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent client when receiving unexpected message types for key listing or signing...

SUSE CVE-2025-38165

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skblinearize The panic can be reproduced by executing the command: ./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000 Then a kernel panic was captured: ''' 657.460555 kernel BU...

Linux Distros Unpatched Vulnerability : CVE-2024-26868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4fflayoutprepareds fails We've been seeing the following panic in...

DEBIAN-CVE-2024-47522

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. O...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These updated kernel packages fix the following security issues : A flaw was found in the virtual filesystem VFS. A local unprivileged user could truncate directories to which they had write permission; this could render the contents of the directory inaccessible. CVE-2008-0001, Important A flaw...