659 matches found
CVE-2026-14890
SGLang is vulnerable to unauthenticated remote code execution via its expert-parallel backup subsystem. The issue centers on a ZeroMQ PULL socket exposed on a routable network interface with no authentication or deserialization safeguards, allowing an attacker to send a malicious pickle payload t...
EUVD-2026-43534
OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can exploit misconfigured input paths or enabled features to escalate...
CVE-2026-58307
Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...
EUVD-2026-42578
Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...
CVE-2026-58307
Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...
CVE-2026-58307
Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...
PT-2026-55524
Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...
CVE-2026-38640
A reachable unwrap in the assertfail function /assert/mod.rs of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted string...
CVE-2026-9718
CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...
CVE-2026-9718
CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...
EUVD-2026-39435
CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...
CVE-2026-9718
Technical details about CVE-2026-9718 are not publicly available in the provided documents; monitor for updates from official advisories.
CVE-2026-9718
CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...
CVE-2026-38640
A reachable unwrap in the assertfail function /assert/mod.rs of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted string...
PT-2026-52580
Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A reachable unwrap in the assert fail function located in /assert/mod.rs allows attackers to cause a Denial of Service DoS by providing a crafted string. An unwrap is a operation that attempts...
CVE-2026-38640
CVE-2026-38640 affects relibc. A reachable unwrap in the __assert_fail function (/assert/mod.rs) from commit 61f42d may cause a Denial of Service via a crafted string. The vulnerability is evidenced in multiple sources (NVD record, cve lists, and third-party reports) with CVSS:3.1/AV:N/AC:L/PR:N/...
SUSE-SU-2026:22258-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...
Reachable Assertion
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Reachable Assertion via the resolveobjbyqualname function. An attacker can execute arbitrary code by publishing a malicious model with a crafted...
PT-2026-49108
CVE-2026-10676 - Rejected reason: This CVE Record has been rejected CVE ID :CVE-2026-10676 Published : June 12, 2026, 12:16 a.m. | 1 hour, 14 minutes ago Description :Rejected reason: This CVE Record has been rejected by the Zephyr Project CNA. Subsequent analysis determined that the addressed...
SUSE-SU-2026:2296-1 Security update for avahi
This update for avahi fixes the following issue: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546...