CVE-2026-9530

A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read2004compressedsection of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been made...

CVE-2026-9501

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

CVE-2026-9301

The CVE concerns omec-project amf up to version 2.1.1, affecting the NGReset Message Handler. According to the description in the CVE entry and related records, manipulating the NGReset Message Handler can cause memory corruption, and the issue is exploitable remotely. The exploit is reported as ...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsnew inode in the file fs/nilfs2/inode.c of the BPF component. This vulnerability allows for manipulation after the memory allocation function free is called. The attack ca...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. The component affected by this vulnerability is the “ipv6renewoptions” function within the IPv6 handler. This vulnerability causes a memory leak. The attack can be launched remotely. It is recommended th...

Astra Linux - уязвимость в linux-5.10

A vulnerability has been discovered in the Linux kernel. It has been rated as problematic. The affected component is the sessfreebuffer function in the fs/cifs/sess.c file of the CIFS Handler module. This vulnerability can lead to double-free operations. It is recommended that patches be applied ...

Linux Distros Unpatched Vulnerability : CVE-2026-8213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the...

go-git: Improper single-quote escaping in go-git SSH transport

Impact go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. This diverges from canonical Git, which shell-quotes the path through sqquotebuf so that an embedded ' becomes the '''...

CVE-2026-8802 opensourcepos Open Source Point of Sale Items.php getPicThumb path traversal

A vulnerability was detected in opensourcepos Open Source Point of Sale up to 3.4.2. This issue affects the function getPicThumb of the file app/Controllers/Items.php. The manipulation of the argument picfilename results in path traversal. The attack may be launched remotely. The patch is...

CVE-2026-8744

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogssbisubscriptiondataadd/ogssbinfserviceadd in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The exploit ha...

CVE-2026-40863

CVE-2026-40863 affects PhpSpreadsheet’s SpreadsheetML XML reader. An attacker can craft an XML with an oversized ss:Index (e.g., 999999999) on a , inflating the internal cachedHighestRow to ~1 billion and causing CPU exhaustion during row iteration. This leads to denial of service when processing...

Insufficient Entropy

Overview Affected versions of this package are vulnerable to Insufficient Entropy in the xml.parsers.expat and xml.etree.ElementTree components. An attacker can cause excessive CPU consumption and degrade service availability by submitting specially crafted XML documents designed to trigger hash...

CVE-2026-7210

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

UBUNTU-CVE-2026-7210

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

CVE-2026-7210

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

CVE-2026-7210

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

CVE-2026-8276

A flaw has been found in bettercap up to 2.41.5. Affected by this issue is some unknown functionality of the file modules/mysqlserver/mysqlserver.go of the component MySQL Server. Executing a manipulation can lead to integer coercion error. The attack can be launched remotely. The attack requires...

Linux Distros Unpatched Vulnerability : CVE-2026-8275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file...

Unity Linux 20.1060e / 20.1070e Security Update: git (UTSA-2026-017652)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017652 advisory. Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with...

PT-2026-39334

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs sbi client send via scp or sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation results in out-of-bounds read. The attack is possible to be carried out remotely. The patch is named...