PT-2026-38404

Name of the Vulnerable Software and Affected Versions css parser versions prior to 1.22.0 css parser versions prior to 2.1.0 Description The software fails to validate HTTPS connections when loading stylesheets, which allows a Man-in-the-Middle MITM attacker to inject or modify CSS content. This...

mathjs 安全漏洞

MathJS is an extension library for JavaScript and Node.js developed by Jos de Jong. It includes a flexible expression parser, offering integrated solutions for handling numbers, large numbers, complex numbers, units, matrices, etc. Versions of MathJS from 13.1.0 to 15.2.0 had security...

PT-2026-38340

Name of the Vulnerable Software and Affected Versions Math.js versions 13.1.0 through 15.1.x Description Arbitrary JavaScript can be executed through the expression parser of the library. Recommendations Update to version 15.2.0...

Oracle Linux 7 : perl-XML-Parser (ELSA-2026-8578)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8578 advisory. 2.41-10.0.3 - Security update for CVE-2006-10002 and CVE-2006-10003 Orabug: 39220442 Tenable has extracted the preceding description block directly fro...

scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion

Summary A single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses ≈ 4–12 KB drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds to stack overflow with std::process::abort — the entire...

Allocation of Resources Without Limits or Throttling

Overview python-multipart is an A streaming multipart parser for Python Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when parsing multipart headers in MultipartParser, which can hang without failing in the following states:...

GHSA-HJPH-F4MC-WX4C Duplicate Advisory: Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8mp2-v27r-99xp. This link is maintained to preserve external references. Original Description Summary Denial-of-Service DoS vulnerability in the Mistune Markdown parser. The issue occurs when processing speciall...

BIT-JAVA-2026-22016

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

BIT-JAVA-MIN-2025-32414

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

BIT-JAVA-MIN-2024-40896

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...

BIT-JAVA-2024-40896

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality, denial of service and cross-site scripting

Summary IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, GHSA-39q2-94rc-95cp, denial of service CVE-2026-33151, CVE-2026-32288 and cross-site scripting CVE-2026-27142. This bulletin...

CVE-2026-7572 Velociraptor EVTX Parser — Process Crash via Crafted .evtx File

An off-by-one error CWE-193 in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service DoS via a process crash by providing a specially crafted .evtx file to the parseevtx VQL...

CVE-2026-7572 Velociraptor EVTX Parser — Process Crash via Crafted .evtx File

An off-by-one error CWE-193 in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service DoS via a process crash by providing a specially crafted .evtx file to the parseevtx VQL...

PT-2026-38046

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux parse trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure...

RHCOS 4 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2431 advisory. - jetty: local temporary directory hijacking vulnerability CVE-2020-27216 - jetty: buffer not correctly recycled in Gzip Request...

PT-2026-37815

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux parse samples within qtdemux.c. This issue arises when the function qtdemux parse samples reads data beyond the boundaries of the stream-stco buffer. The following co...

PT-2026-37810

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...

PT-2026-38017

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...

GraphQL-Ruby's Ruby lexer does not count comment tokens for the purposes of max_query_string_tokens

GraphQL-Ruby's maxquerystringtokens configuration didn't count comment tokens against the limit, allowing strings to be processed even after the configured maximum had actually been reached. In patched versions, the Ruby lexer does count these tokens. GraphQL-CParser is not affected by this...