65 matches found
CVE-2026-14198
@fastify/middie versions 9.1.0 through 9.3.2 decode the encoded slash %2F inside path parameter values before matching middleware paths, while Fastify's underlying router preserves the encoding during route lookup. The two layers disagree on the canonical request path, so the middleware fails to...
UBUNTU-CVE-2026-53214
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...
SUSE CVE-2026-46172
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...
CVE-2026-46172
A flaw was found in the Linux kernel's IPv6 Internet Protocol version 6 xfrm6 component. When processing encapsulated IPv6 packets, the xfrm6rcvencap function fails to release a destination dst entry reference if an IPv6 route lookup results in an error. A remote attacker could exploit this by...
CVE-2026-46172
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...
UBUNTU-CVE-2026-46172
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...
EUVD-2026-32799
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...
CVE-2026-46172
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...
CVE-2026-46172
** CWE-XXXX**: CVE-2026-46172 affects the Linux kernel IPv6 xfrm6 path. The issue occurs in xfrm6_rcv_encap() during an IPv6 route lookup when a dst is not yet attached; ip6_route_input_lookup() can return a dst with an error, and if dst->error is set, the skb is dropped without attaching/rele...
SUSE CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
PT-2026-44295
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel within the xfrm6 rcv encap function. When performing an IPv6 route lookup, the ip6 route input lookup function returns a referenced destination d...
EUVD-2026-32371
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
CVE-2026-45905 is a Linux kernel networking vulnerability in the xfrm/icmp_route_lookup reverse path. The race occurs during ICMP error handling when a concurrent address change may cause ip_route_input() to return a LOCAL route with a dst that can trigger a WARN_ON in ip_rt_bug. The fix checks t...
CVE-2026-45905 xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
EUVD-2019-2407
Malware in sbrugna...
EUVD-2025-27884
Malicious code in bioql PyPI...
EUVD-2022-1592
Malicious code in bioql PyPI...
EUVD-2022-5053
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-53343
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...