394 matches found
CVE-2026-53916
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...
CVE-2026-48090
A flaw was found in Envoy's HTTP OAuth2 filter. A use-after-free vulnerability exists where an in-flight async token exchange can remain attached to a downstream stream that has already been torn down, leading to undefined behavior, worker crashes, and denial of service. Mitigation Mitigation for...
CVE-2026-47205
A flaw was found in Envoy's extauthz HTTP filter. A use-after-free vulnerability exists when processing per-route authorization overrides concurrently with rapid downstream client disconnects. This can lead to a segmentation fault and denial of service. Mitigation Mitigation for this issue is...
CVE-2026-6921
A race flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493315759 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...
CVE-2026-40046
A flaw was found in Apache ActiveMQ, Apache ActiveMQ All and Apache ActiveMQ MQTT. The fix for CVE-2025-66168 was not applied for 6.0.0+ versions. This exposed the underlying integer overflow/wraparound vulnerability when handling MQTT control packets, causing the broker to misinterpret payloads...
CVE-2026-33815
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...
CVE-2026-34764
A flaw was found in Electron, a framework for building desktop applications. This vulnerability, a use-after-free, affects applications that utilize offscreen rendering with GPU shared textures. Under specific conditions, a callback function can attempt to access memory that has already been...
CVE-2025-66037
A flaw was found in OpenSC, an open-source smart card tools and middleware. An attacker could exploit this vulnerability by providing a specially crafted input. This crafted input causes an out-of-bounds heap read, where the software attempts to read data beyond its allocated memory. Mitigation...
CVE-2026-32874
A flaw was found in UltraJSON, a fast JSON encoder and decoder. A remote attacker can exploit this vulnerability by providing specially crafted JSON input that contains extremely large integers. When UltraJSON attempts to parse these inputs, it leads to an accumulating memory leak. This excessive...
CVE-2026-31959
A flaw was found in Quill. This Server-Side Request Forgery SSRF vulnerability occurs when Quill attempts to fetch Apple notarization submission logs. An attacker, capable of tampering with API responses from Apple's notarization service e.g., in environments with TLS-intercepting proxies, can...
CVE-2026-31961
A flaw was found in Quill. An attacker can exploit this unbounded memory allocation vulnerability by providing a specially crafted Mach-O binary to Quill for processing. This malicious binary contains oversized values in its code signing structures, causing Quill to attempt to allocate excessive...
CVE-2026-31958
A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...
CVE-2026-29777
A flaw was found in Traefik. A tenant with write access to an HTTPRoute resource can exploit this vulnerability by injecting specially crafted rule tokens into Traefik's router rule language through unsanitized header or query parameter match values. This allows the attacker to bypass listener...
CVE-2026-3784
A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker...
CVE-2026-1965
A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the...
CVE-2026-3805
A flaw was found in curl. When handling a second Server Message Block SMB request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or...
CVE-2026-26131
A flaw was found in .NET. Incorrect default permissions allow an authorized local attacker to exploit this vulnerability. This can lead to local privilege escalation, enabling the attacker to gain higher access rights on the system. Mitigation Mitigation for this issue is either not available or...
CVE-2026-28292
A vulnerability was discovered in the simple-git Node.js library. The issue is caused by improper validation of user-supplied input when constructing Git commands. An attacker able to supply specially crafted repository URLs or arguments could exploit Git’s ext:: protocol handler to execute...
CVE-2026-2742
A flaw was found in com.vaadin/flow-server. This authentication bypass vulnerability allows an unauthenticated attacker to bypass security filters by accessing the /VAADIN endpoint without a trailing slash. This inconsistent path pattern matching enables the attacker to trigger framework...
CVE-2026-31812
A flaw was found in quinn-proto, a pure-Rust implementation of the IETF QUIC transport protocol. A remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quictransportparameters...