UBUNTU-CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

CVE-2026-3446 Base64 decoding stops at first padded quad by default

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

CVE-2026-3446

CVE-2026-3446 affects Python’s base64 decoding (base64.b64decode and related functions). The root cause is that the decoder stops after the first padded quad, potentially leaving additional data unprocessed. This can cause data to be accepted and then processed differently by other implementation...

CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

PSF-2026-16

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

CVE-2026-6068

NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...

DEBIAN-CVE-2026-6068

NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...

CVE-2026-6068

NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...

CVE-2026-6068

CVE-2026-6068 affects NASM. A heap-use-after-free in response file processing (-@) stores a dangling pointer to freed memory in the global depend_file, which is later dereferenced after the response-file buffer is freed. This can cause data corruption and, per sources, may enable remote code exec...

CVE-2026-6068 CVE-2026-6068

NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...

CVE-2026-5479

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...

CVE-2026-2712

The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability checks in the receiveheartbeat function in includes/class-wp-optimize-heartbeat.php in all versions up to, and including, 4.5.0. This is due to the Heartbeat handler directly...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the error handling path of the TLSXKeyShareProcessPqcHybridClient process. An attacker can cause memory corruption or potentially execute arbitrary code by triggering an error during post-quantum cryptography hybrid...

DEBIAN-CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

Vikunja 安全漏洞

Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the addRepeatIntervalToTime function, which used an On loop to handle repetitive tasks. This could lead to billion...

SUSE SLES12 Security Update : bind (SUSE-SU-2026:1229-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1229-1 advisory. - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Tenable has extracted the preceding...

Event-Driven Temporal Graph Networks for Asynchronous Multi-Agent Cyber Defense in NetForge_RL

The transition of Multi-Agent Reinforcement Learning MARL policies from simulated cyber wargames to operational Security Operations Centers SOCs is fundamentally bottlenecked by the Sim2Real gap. Legacy simulators abstract away network protocol physics, rely on synchronous ticks, and provide clea...

openSUSE 16 Security Update : osslsigncode (openSUSE-SU-2026:20473-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20473-1 advisory. Changes in osslsigncode: - Update to 2.13 bsc1260680, CVE-2025-70888: fixed integer overflows when processing APPX compressed data streams fixed...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.25 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypasses in the Telegram inquiry processing mechanism, which could allow remote attackers...