160854 matches found
CVE-2026-13590
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
CVE-2026-13592
The CVE-2026-13592 issue affects liftoff-sr CIPster (up to commit e8e9dba09bf56962807d3504b783ccdb6287f3e4). The vulnerability is in BufWriter::append within the EtherNet IP Message Handler, where manipulation can cause an out-of-bounds write. It allows remote exploitation, and public exploits ar...
EUVD-2026-40156
A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...
CVE-2026-13591
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-13591 DeepMyst Mysti Contact Tracking ChannelBridge.ts _isTrackedConversation improper authorization
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
EUVD-2026-40153
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-13590
The CVE-2026-13590 affects seladb PcapPlusPlus 25.05, specifically the Modbus Protocol Handler’s ModbusLayer getLength implementation in Packet++/header/ModbusLayer.h. The issue is a heap-based buffer overflow caused by manipulation of the length argument, with remote execution possible. Document...
EUVD-2026-40152
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
CVE-2026-13589
A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...
EUVD-2026-40150
A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...
CVE-2026-13588
The CVE concerns seladb PcapPlusPlus 25.05, specifically TLS Hello Handler’s pcpp::SSLClientHelloMessage::getHandshakeVersion in Packet++/src/SSLHandshake.cpp. Manipulating handshakeVersion may cause a heap-based buffer overflow, with remote execution possible. Exploitation is described as high c...
CVE-2026-13588 seladb PcapPlusPlus TLS Hello SSLHandshake.cpp getHandshakeVersion heap-based overflow
A vulnerability was determined in seladb PcapPlusPlus 25.05. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion of the file Packet++/src/SSLHandshake.cpp of the component TLS Hello Handler. Executing a manipulation of the argument handshakeVersion can lead to...
ROOT-OS-DEBIAN-11-CVE-2026-35177 CVE-2026-35177 in rootio-vim - Patched by Root
Root has patched CVE-2026-35177 in the rootio-vim package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-34982 CVE-2026-34982 in rootio-vim - Patched by Root
Root has patched CVE-2026-34982 in the rootio-vim package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-28421 CVE-2026-28421 in rootio-vim - Patched by Root
Root has patched CVE-2026-28421 in the rootio-vim package for Root:Debian:11. Multiple fixed versions available...
CVE-2026-13676
The CVE concerns the fast-uri library (versions 2.3.1–3.1.2 and 4.0.0) where the IDN host canonicalization path fails to normalize Unicode hosts for HTTP URLs. A helper used in IDN conversion does not exist on the global URL constructor, leaving the host in Unicode form while normalize() and equa...
ROOT-APP-NPM-CVE-2026-1528 CVE-2026-1528 in @rootio/undici - Patched by Root
Root has patched CVE-2026-1528 in the @rootio/undici package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-1527 CVE-2026-1527 in @rootio/undici - Patched by Root
Root has patched CVE-2026-1527 in the @rootio/undici package for Root:npm. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-41179 CVE-2026-41179 in rootio-github.com/rclone/rclone - Patched by Root
Root has patched CVE-2026-41179 in the rootio-github.com/rclone/rclone package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-41176 CVE-2026-41176 in rootio-github.com/rclone/rclone - Patched by Root
Root has patched CVE-2026-41176 in the rootio-github.com/rclone/rclone package for Root:Go. Multiple fixed versions available...