478 matches found
GHSA-H89V-J3X9-8WQJ OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)
Summary Archive extraction lacked strict resource budgets, allowing high-expansion ZIP/TAR archives to consume excessive CPU/memory/disk during install/update flows. Affected Packages / Versions - openclaw npm: = 2026.2.13 - clawdbot npm: = 2026.1.24-3 Details Affected component:...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...
PT-2026-7570
An uncontrolled resource consumption vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...
SUSE CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
UBUNTU-CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2025-14831 Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification
A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...
CVE-2026-0398 Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2026-0398
PowerDNS Recursor is affected by CVE-2026-0398. The issue involves crafted DNS zones that can cause increased resource usage and crafted CNAME chains that can lead to cache poisoning in the Recursor. The available documents do not specify affected versions, exact root cause in code paths, or offi...
CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2026-0398 Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
CVE-2026-0398
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...
PowerDNS Recursor(pdns_recursor) 安全漏洞
PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. PowerDNS Recursor has security vulnerabilities; these vulnerabilities stem from custom zones, which may lead to increased resource usage, and custom CNAME chains, which may cause cache...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...
Allocation of Resources Without Limits or Throttling
Overview @isaacs/brace-expansion is a Brace expansion as known from sh/bash Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unbounded brace range expansion. An attacker can cause excessive CPU and memory consumption, potentially...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...