52 matches found
EUVD-2026-39556
The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...
CVE-2026-11576
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...
Linux Distros Unpatched Vulnerability : CVE-2026-52905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two minregionsz on damonstart Commit d8f867fa0825...
UBUNTU-CVE-2026-45445
Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...
BIT-AIRFLOW-2026-48726 Apache Airflow: revoke_token() unreachable in FabAuthManager / KeycloakAuthManager logout path
A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...
EUVD-2026-30571
The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...
drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path
...
CVE-2026-43427
In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...
CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
OESA-2026-2126 activemq security update
The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: 'Severity: low \n\nAffected versions:\n\n- Apache ActiveMQ Client org.apache.activemq:activemq-client before 5.19.3\n- Apache ActiveMQ Client org.apache.activemq:activemq-client 6.0.0 before...
Exploit for Incorrect Behavior Order: Validate Before Canonicalize in Varnish-Software Varnish_Enterprise
way2poccve-2026-34475 CVE-2026-34475 — Nuclei Detection Temp...
DEBIAN-CVE-2026-31555
In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...
kernel: RDMA/rxe: Fix incomplete state save in rxe_requester
An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe soft-RoCE driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue eleme...
CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010994)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010994 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...
GHSA-6QCC-6Q27-WHP8 goshs: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)
Summary deleteFile missing return after path traversal check | httpserver/handler.go:645-671 The finding affects the default configuration, no flags or authentication required. Details File: httpserver/handler.go:645-671 Trigger: GET /?delete handler.go:157-160 dispatches to deleteFile The functi...
EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2026-1478)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl,changing TLS options in one thread would inadvertently change th...
Astra Linux - уязвимость в curl
A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but using clear text HTTP using the same cookie set 3. The same cookie name is set - but with just a slash as path path="/",. Since this site is not...
CVE-2026-28492
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses...
CVE-2026-23117 ice: add missing ice_deinit_hw() in devlink reinit path
In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...