
41 matches found

EUVD
added 2026/06/09 6:30 p.m. | 10 views

EUVD-2026-35486

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to t...

5.3 CVSS | 5.7 AI score | 0.00262 EPSS
Exploits 0 | References 6
Vulnrichment
added 2026/06/09 4:3 p.m. | 6 views

CVE-2026-42769 Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to t...

5.7 AI score | 0.00262 EPSS
Exploits 0 | References 5
Positive Technologies
added 2026/06/09 12:0 a.m. | 9 views

PT-2026-47839

Name of the Vulnerable Software and Affected Versions: OpenSSL (affected versions not specified). Description: An error in the callback used to verify certificates during a Root CA key update in the Certificate Management Protocol (CMP) renders certificate validation ineffectual. Specifically, a typo in...

9.1 CVSS | 5.8 AI score | 0.02268 EPSS
Exploits 0 | References 77
Github Security Blog
added 2026/05/21 7:50 p.m. | 11 views

nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Impact: A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

7.5 CVSS | 5.9 AI score | 0.00339 EPSS
Exploits 0 | References 6 | Affected Software 1
OSV
added 2026/05/21 7:50 p.m. | 12 views

GHSA-MW3Q-R9WH-H2FF nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Impact: A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

7.5 CVSS | 5.9 AI score | 0.00339 EPSS
Exploits 0 | References 6
Positive Technologies
added 2026/05/21 12:0 a.m. | 7 views

PT-2026-42637

Impact: A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

7.5 CVSS | 5.9 AI score
Exploits 0 | References 6
Github Security Blog
added 2026/01/29 3:21 p.m. | 17 views

Juju has broken CMR authorization

Impact: Cross-model Relation authorization is broken and has a potential security vulnerability. If the controller does not have the root key to verify the macaroon or if the macaroon has expired, an unvalidated and therefore untrusted macaroon is used to extract declared caveats. Facts from these...

2.1 CVSS | 5.9 AI score | 0.00133 EPSS
Exploits 0 | References 4 | Affected Software 1
OSV
added 2026/01/29 3:21 p.m. | 7 views

GHSA-J477-6VPG-6C8X Juju has broken CMR authorization

Impact: Cross-model Relation authorization is broken and has a potential security vulnerability. If the controller does not have the root key to verify the macaroon or if the macaroon has expired, an unvalidated and therefore untrusted macaroon is used to extract declared caveats. Facts from these...

2.1 CVSS | 5.9 AI score | 0.00133 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2026/01/16 12:0 a.m. | 5 views

MiracleLinux 7 : unbound-1.4.20-26.el7 (AXSA:2015-838:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-838:01 advisory. Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ide...

4.3 CVSS | 5.7 AI score | 0.25205 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2025/11/05 12:0 a.m. | 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989168)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989168 advisory. In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock...

5.5 CVSS | 5.6 AI score | 0.00187 EPSS
Exploits 0 | References 4
OSV
added 2025/10/07 4:15 p.m. | 1 view

UBUNTU-CVE-2023-53618

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject invalid reloc tree root keys with stack dump BUG Syzbot reported a crash that an ASSERT got triggered inside prepare_to_merge. That ASSERT makes sure the reloc tree is properly pointed back by its subvolume tree. CAUS...

5.5 CVSS | 5.7 AI score | 0.00182 EPSS
Exploits 0 | References 7
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2015-4239

Malware in sbrugna...

5 CVSS | 6.4 AI score | 0.03316 EPSS
Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-7669

Malicious code in bioql PyPI...

7.5 CVSS | 7.5 AI score | 0.00242 EPSS
Exploits 0 | References 4
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-33710

Malicious code in bioql PyPI...

2.5 CVSS | 3.7 AI score | 0.00086 EPSS
Exploits 0 | References 2
RedHat Linux
added 2025/06/25 12:40 a.m. | 8 views

kernel: security/keys: fix slab-out-of-bounds in key_task_permission

In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63...

7.1 CVSS | 6.7 AI score | 0.00272 EPSS
Exploits 0 | References 5
Packet Storm
added 2024/08/31 12:0 a.m. | 273 views

SaltStack Salt Master Server Root Key Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt Master Server Root Key Disclosure', 'Description' = %q This module exploits unauthenticated access to the prepauthinfo method in t...

9.8 CVSS | 7.4 AI score | 0.96405 EPSS
Exploits 25
OSV
added 2024/03/06 11:9 a.m. | 12 views

BIT-VAULT-2023-2197 Vault Enterprise Vulnerable to Padding Oracle Attacks When Using a CBC-based Encryption Mechanism with a HSM

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in orde...

2.5 CVSS | 3.2 AI score | 0.00086 EPSS
Exploits 0 | References 3
Veracode
added 2023/05/11 9:11 p.m. | 14 views

Inadequate Encryption Strength

Vault is vulnerable to Inadequate Encryption Strength. Using an HSM with 'CKM_AES_CBC_PAD' or 'CKM_AES_CBC' encryption results in a padding oracle attack where the attacker could gain access to the vault's root key...

2.5 CVSS | 6.9 AI score | 0.00086 EPSS
Exploits 0 | References 4 | Affected Software 1
NVD
added 2023/05/01 8:15 p.m. | 23 views

CVE-2023-2197

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in orde...

2.5 CVSS | 3.4 AI score | 0.00086 EPSS
Exploits 0 | References 2
OSV
added 2023/05/01 8:15 p.m. | 27 views

CVE-2023-2197

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in orde...

2.5 CVSS | 7 AI score
Exploits 0 | References 2