Linux Distros Unpatched Vulnerability : CVE-2026-9749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving...

CVE-2026-9749

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

EUVD-2026-35865

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

CVE-2026-9749

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

UBUNTU-CVE-2026-9749

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

CVE-2026-9749 Using MaxKey() may crash the server

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

CVE-2026-9749

The CVE-2026-9749 entry describes a bug in MongoDB where an aggregation pipeline using the internal $exchange stage with key-range partitioning and order-preserving delivery can cause a server crash. When a single key range produces many results that fill its exchange buffer, the code path detect...

Using MaxKey() may crash the server

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

PT-2026-48295

Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description A buffer overflow can occur during the execution of an aggregation pipeline using the internal $exchange stage. This happens when the stage is configured with key-range partitioning and...

Hardware-Aware QAOA for Honeypot Traffic Partitioning on 100+ Qubit IBM Quantum Processors

Denial-of-service DoS and distributed denial-of-service DDoS mitigation requires separating malicious traffic from benign traffic while minimizing disruption to legitimate users. Prior work proposed mapping honeypot traffic partitioning to a weighted MaxCut problem and solving the resulting graph...

CVE-2026-44576

A flaw was found in Next.js, a React framework for building web applications. This vulnerability, related to cache poisoning, affects applications utilizing React Server Components RSC when shared caches fail to properly partition response variants. A remote attacker can exploit this by causing a...

NVIDIA Display Driver for Linux 安全漏洞

NVIDIA Display Driver for Linux is a graphics driver developed by NVIDIA Corporation. The NVIDIA Display Driver for Linux contains a security vulnerability. This vulnerability stems from the insecure default initialization of memory subsystem routing resources during Multi-Instance GPU partitioni...

CVE-2026-44582

Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions,...

CVE-2026-44576

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

CVE-2026-44576

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 13.4.6 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities stem from deployments that rely on shared caching and have insufficient response partitioning. A cache corruption...

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 14.2.0 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities stem from improperly partitioning response variants when using React Server Components, which can lead to cache...

MAL-2026-2267 Malicious code in monolith-twirp-partitioning-pull_requests (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4214957e3e8849b6df7eb3bbd1b2c6e547fe8aa2c590a8a3a644e7d6ea8d73ed The OpenSSF Package Analysis project identified 'monolith-twirp-partitioning-pullrequests' @ 1.0.2 rubygems as malicious. It is considered...

Agent Privilege Separation in OpenClaw: A Structural Defense against Prompt Injection

Prompt injection remains one of the most practical attack vectors against LLM-integrated applications. We replicate the Microsoft LLMail-Inject benchmark Greshake et al., 2024 against current generation models running inside OpenClaw, an open source multitool agent platform. Our proposed defense...

ROS-20260129-73-0003

Vulnerability in openstack-barbican related to insufficient spatial partitioning. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...