CVE-2026-8121

A vulnerability has been found in Open5GS up to 2.7.7. The impacted element is the function ogssbiparseplmnlist in the library /lib/sbi/conv.c of the component NSSF. The manipulation leads to denial of service. The attack is possible to be carried out remotely. The exploit has been disclosed to t...

CVE-2026-8121

Open5GS is affected up to version 2.7.7 in the NSSF component. The vulnerable element is ogs_sbi_parse_plmn_list in /lib/sbi/conv.c, where manipulation leads to a denial of service. The issue is exploitable remotely; the exploit has been disclosed publicly and the project was informed via issue r...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xesyncentryparse function failing to clean up some initialized synchronization states when...

PT-2026-38833

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux parse trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this...

math-codegen 代码注入漏洞

Math-CodeGen is an interpreter developed by Mauricio Poppe that generates JavaScript code from mathematical expressions. Versions of Math-CodeGen prior to 0.4.3 contained a code injection vulnerability. This vulnerability stemmed from the cg.parse function not properly cleaning string literal...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the parsedacl function in SMB clients, which treats ACEs matching sidunixNFSmode as NFS mo...

PT-2026-39056

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the xe sync entry parse function fails during parsing. The function may allocate references for syncobj, fence, chain fence, or user fence...

Linux Distros Unpatched Vulnerability : CVE-2026-43395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before...

PT-2026-38838

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse ds64 function within gstwavparse.c. The parse ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing...

CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

DEBIAN-CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

DEBIAN-CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

CVE-2026-39825

CVE-2026-39825 concerns Go’s ReverseProxy (net/http/httputil). The issue: ReverseProxy forwards query parameters that are not visible to Rewrite/Director functions parsing parameters via url.ParseQuery. It does not respect ParseQuery’s limit on total query parameters (controlled by GODEBUG=urlmax...

GO-2026-4976 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

artemproject2 (>=1.2.1 <=1.8.8) potentially affected by CVE-2025-63703 via parse-ini (=1.0.6)

parse-ini NPM version =1.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on parse-ini and may be impacted: - artemproject2 =1.2.1, =1.8.8 Source cves: CVE-2025-63703 Source advisory: OSV:GHSA-X72J-HV9F-QQH4...