CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

DEBIAN-CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

NPM: Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

NPM: Axios: unbounded recursion in toFormData causes DoS via deeply nested request data vulnerability discovered by ? in WordPress Npm axios versions = 0.31.0...

Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

Summary toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. Details lib/helpers/toFormData.js:210 defines an inner buildvalue, path that recurses into every object/array child line 225:...

CVE-2026-44028

CVE-2026-44028 affects Nix and Lix: unbounded recursion in the NAR (Nix Archive) parser can cause a stack-to-heap overflow when parsing on a coroutine stack. The stack lacks a guard page, enabling a stack overflow to overwrite heap memory and potentially execute arbitrary code as the Nix daemon (...

ROS-20260505-73-0015

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0019

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

PT-2026-36940

Name of the Vulnerable Software and Affected Versions Nix versions 2.24.4 through 2.34.6 Lix versions 2.93.0 through 2.95.1 Description Unbounded recursion in the NAR Nix Archive parser can lead to a stack-to-heap overflow when the parser operates on a coroutine stack. Because the stack is...

ROS-20260505-73-0016

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0017

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0018

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Security Bulletin: IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922.

Summary IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyas...

pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

Security Bulletin: pyasn1 Uncontrolled Recursion in ASN.1 Decoding Enables Denial of Service

Summary pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

Astra Linux - уязвимость в libpodofo

A flaw was discovered in PoDoFo 0.9.7. An uncontrolled recursive call within the PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow issue...