FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain a security vulnerability caused by the uint8t type being used for the length field in the BGP ASPATH attribute encoding, which...

Important: golist

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

PT-2026-43275

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description Multiple out-of-bounds reads exist in the BGP MP REACH NLRI IPv6 attribute decoder. The decode mp reach ipv6 function in src/bgp protocol.cpp casts raw pointers to structure typ...

CVE-2026-48688

FastNetMon Community Edition up to 1.2.9 contains multiple out-of-bounds reads in the BGP MP_REACH_NLRI IPv6 attribute decoder (decode_mp_reach_ipv6 in src/bgp_protocol.cpp). The description notes a TODO to add sanity checks to avoid reads after the attribute memory block, and that the function c...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of null pointer checking in the l2capsocknewconnectioncb function within the Bluetooth L2CAP...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

PT-2026-43273

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description A stack-based buffer overflow exists in the BGP NLRI Network Layer Reachability Information decoder. The function decode bgp subnet encoding ipv4 raw in src/bgp protocol.cpp rea...

PT-2026-43272

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp protocol.hpp, the parse raw bgp attribute function correctly identifies when extended length bit is set and sets length of...

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 has an integer overflow in the BGP AS_PATH encoder (src/bgp_protocol.hpp, IPv4UnicastAnnounce::get_attributes). attribute_length and path_segment_length are stored in uint8_t, so AS_PATHs >63 ASNs truncate to 0–255 for sizing but the full data is writ...

Important: soci-snapshotter

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

USN-8305-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8279-3: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8279-3 linux-nvidia-tegra-igx vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 — React Server Components Pre-Auth RCE "React2...

UBUNTU-CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

CVE-2026-47077

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...

CVE-2026-47077

The CVE affects hackney (versions 2.0.0–4.0.0) due to an unbounded in-memory accumulation in hackney_h3:await_response_loop/6, where HTTP/3 response chunks are buffered without a cap. A malicious server can keep sending small chunks, preventing loop termination and exhausting the BEAM heap, leadi...

CVE-2026-47077 Unbounded body accumulation in HTTP/3 response loop in hackney

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...

EUVD-2026-31688

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...