Lucene search
K

69 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

SUSE SLES16 Security Update : libyang (SUSE-SU-2026:22208-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22208-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing craft...

7.5CVSS5.9AI score0.00519EPSS
Exploits0References7
OSV
OSV
added 2026/06/20 6:58 a.m.5 views

OPENSUSE-SU-2026:21113-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS6AI score0.00519EPSS
Exploits0References4
OSV
OSV
added 2026/06/20 6:56 a.m.2 views

SUSE-SU-2026:22200-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS6.1AI score0.00519EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0157: libyang (ALINUX3-SA-2026:0157)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by a vulnerability as referenced in the ALINUX3-SA-2026:0157 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-44673: libyang is a YANG data modeling...

7.5CVSS5.8AI score0.00428EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/06/12 6:50 a.m.6 views

Security update for libyang

This update for libyang fixes the following issue CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow when parsing a maliciously crafted LYB binary blob bsc1265330. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

8.8CVSS5.6AI score0.00428EPSS
Exploits0References4
OSV
OSV
added 2026/06/12 6:50 a.m.6 views

SUSE-SU-2026:2381-1 Security update for libyang

This update for libyang fixes the following issue - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow when parsing a maliciously crafted LYB binary blob bsc1265330...

7.5CVSS5.6AI score0.00428EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 11:37 a.m.9 views

libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob

A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...

7.5CVSS6.4AI score0.00428EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 8:43 a.m.7 views

SUSE-SU-2026:2337-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS5.7AI score0.00519EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/06/10 8:43 a.m.7 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
OSV
OSV
added 2026/06/10 8:43 a.m.8 views

SUSE-SU-2026:2335-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS5.7AI score0.00519EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 8:42 a.m.10 views

SUSE-SU-2026:2334-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS5.7AI score0.00519EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/08 6:39 p.m.10 views

libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob

A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...

7.5CVSS6.4AI score0.00428EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: Check the return value of ofpropertyreadstringindex. Between version 6.10 and 6.11, the driver began crashing on my MacBookPro14,3. The ofpropertyreadstringindex function does not exist, and the tmp variable...

5.5CVSS6.5AI score0.00194EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/16 8:3 a.m.15 views

libyang: lyb_read_string() integer overflow → heap buffer overflow

...

7.5CVSS5.8AI score0.00428EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

8.6CVSS6AI score0.00428EPSS
Exploits0References12
NVD
NVD
added 2026/05/14 9:16 p.m.23 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS0.00428EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.10 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 8:35 p.m.16 views

EUVD-2026-30484

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:35 p.m.6 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 8:35 p.m.42 views

CVE-2026-44673

CVE-2026-44673 affects libyang. The issue is an integer overflow in lyb_read_string() in src/parser_lyb.c, leading to a heap buffer overflow when parsing malicious LYB binary blobs. Affected path includes any libyang consumer that processes LYB data (e.g., NETCONF servers, sysrepo). Impact is cra...

7.5CVSS6AI score0.00428EPSS
Exploits0References7
Rows per page
Query Builder