libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

Amazon Linux 2023 : cuda-toolkit (ALAS2023NVIDIA-2025-031)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-031 advisory. NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A...

CVE-2026-44579

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected...

CVE-2026-44579 Next.js: Denial of Service via connection exhaustion in applications using Cache Components

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected...

CVE-2026-44579 Next.js: Denial of Service via connection exhaustion in applications using Cache Components

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected...

PYSEC-2026-142

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

DEBIAN-CVE-2026-44432

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

CVE-2026-44432 urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

CVE-2026-44432

CVE-2026-44432 affects urllib3 before 2.7.0, where the library could decompress the entire response during HTTPResponse.read or drain_conn, leading to high CPU and memory usage when handling highly compressed data. Affected versions: 2.6.0 up to (but not including) 2.7.0. Impact described as pote...

BIT-MONGODB-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js prior to 15.5.16 and 16.2.5 have a security vulnerability. This vulnerability arises from using the Partial Prerendering feature of Cache Components. A specially crafted POST request to the server can lead to connection...

Improper Memory Buffer Handling

uuid is vulnerable to Improper Memory Buffer Handling. The vulnerability is due to missing validation of buffer size and offset values during UUID generation, which allows an attacker to trigger silent partial writes into caller-provided buffers...

CVE-2026-42006

An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass t...

Security of Decoy-State Quantum Key Distribution with Correlated Bit-And-Basis Encoders

Practical quantum key distribution QKD modulators inevitably introduce correlations, causing the state emitted in a given round to depend on the setting choices made in previous rounds. These correlations break the round-by-round independence structure on which many widely used security proof...

Allocation of Resources Without Limits or Throttling

Overview next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling involving Partial Prerendering in the Cache Components feature. An attacker can exhaust the connection pool by sending malicious POST requests that cause a...

Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components

Impact Applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections ope...

GHSA-MG66-MRH9-M8JX Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components

Impact Applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections ope...

SUSE CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

PT-2026-39666

Name of the Vulnerable Software and Affected Versions urllib3 versions 2.6.0 through 2.6.x Description An issue exists in the streaming API where the library may decompress an entire HTTP response instead of the requested portion. This occurs in two scenarios: during the second...