367 matches found
CVE-2026-32134
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...
freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This vulnerability, a heap use-after-free, occurs during an auto-reconnect operation when the xfclipboardformatsfree function frees memory that is still being accessed by another thread. A remote attacker could...
CVE-2026-44054
Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...
CVE-2026-44054
Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...
CVE-2026-44054 Predictable afpd session token
Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “smb: client: fix TCP timers deadlock after rmmod” This fix reverts to the previous state by using commit e9f2517a3e18a54a3943c098d2226b245d488801. The commit e9f2517a3e18 “smb: client: fix TCP timers deadlock after rmmod” was...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized server-smbdconn during reconnection. In smbdDestroy, the server-smbdconn pointer is cleared after freeing the smbdconnection structure it points to, so that reconnection won’t be confused...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a potential deadlock that could occur when reconnecting channels. Fixed the function cifssignalcifsdforreconnect to take the correct lock order and prevent the following deadlock from occurring:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nvme-fc: The use of lock access to portstate and rportstate was corrected. nvmefcunregisterremote removes the remote port from a lport object at any time when there is no active association. This issue conflicts with the...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext The key information in wext.connect is not reset upon reconnection, and it may retain data from a previous connection. Resetting the key data prevents drivers or mac80211 from incorrect...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the session state check when reconnecting to avoid a use-after-free issue. Do not collect the exiting session in smb2reconnectserver; this session will be released soon. Note that the exiting session will remain in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a use-after-free in ksmbdclosefd, through the use of a durable scavenger mechanism. When a durable file handle persists after a session disconnection TCP connection closed without SMB2LOGOFF, sessionfdcheck sets...
CVE-2026-32134
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...
CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...
EUVD-2026-30965
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...
CVE-2026-32134
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...
freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This vulnerability, a heap use-after-free, occurs during an auto-reconnect operation when the xfclipboardformatsfree function frees memory that is still being accessed by another thread. A remote attacker could...
PT-2026-41984
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for clean start=0...
EUVD-2026-29477
Postgrex: Channel-name SQL injection in Postgrex.Notifications.listen/3...