crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

Lockbox -- a Zero Trust Architecture for Secure Processing of Sensitive Cloud Workloads

Enterprises increasingly rely on cloud-based applications to process highly sensitive data artifacts. Although cloud adoption improves agility and scalability, it also introduces new security challenges such as expanded attack surfaces, a wider radius of attack from credential compromise, and...

Google Android Information Disclosure Vulnerability (CNVD-2026-16154)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability. The vulnerability is caused by a possible way to access the GPU cache due to side channel information leakage in drawLayersInternal of SkiaRenderEngine.cp...

HP Device Manager Vulnerability Update (5.0.16)

Potential vulnerabilities have been identified in HP Device Manager versions prior to HPDM 5.0.16. HP is releasing mitigation for the potential vulnerabilities as part of the 5.0.16 release. All of the identified vulnerabilities listed above were addressed and fixed as part of HP Device Manager...

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

PT-2026-23925

A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...

PT-2026-23972

A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin user delete.php of the component Endpoint. Executing a manipulation of the argument user id can lead to improper authorization. The attack may be...

AZL-79509 CVE-2026-2219 affecting package dpkg 1.20.10-1

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

Improper Authentication

Overview @x402/svm is a x402 Payment Protocol SVM Implementation Affected versions of this package are vulnerable to Improper Authentication in facilitator payment processing on Solana. An attacker can interfere with or manipulate payment transactions by exploiting a race condition. Remediation...

CVE-2026-28451

OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image processing. Attackers can influence tool calls...

Linux Distros Unpatched Vulnerability : CVE-2025-69651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or...

EUVD-2025-208345

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

AZL-79595 CVE-2025-69649 affecting package binutils 2.37-20

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

AZL-79571 CVE-2025-69649 affecting package binutils 2.41-10

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

UBUNTU-CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

OPENSUSE-SU-2026:20330-1 Security update for python-uv

This update for python-uv fixes the following issue: - CVE-2025-13327: parsing differentials when processing specially crafted ZIP archives during package installation can lead to arbitrary code execution bsc1258993...

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...