Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the minmeascan function. An attacker can execute arbitrary code or cause a denial of service by supplying specially crafted NMEA input that leads to copying data into a buffer without proper size...

EUVD-2026-28719

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

EUVD-2026-28565

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

EUVD-2026-28577

In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor fills the...

CVE-2026-43413

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

CVE-2026-43413

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

CVE-2026-43413 scsi: hisi_sas: Fix NULL pointer exception during user_scan()

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

CVE-2026-43413

The CVE-2026-43413 entry concerns the Linux kernel HISI_SAS SCSI driver where user_scan() can trigger a NULL pointer dereference when scanning an unsupported channel (multi-channel scan path triggers for channel 1 even though hisi_sas supports only one channel). The exploit path is a NULL derefer...

UBUNTU-CVE-2026-43307

In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor fills the...

CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

UBUNTU-CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

CVE-2026-43295 rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

EUVD-2025-209737

RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration...

Malicious code in eth-wallet-kit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b0cce18986ec63fd689844cfc29b4023837d71b35b173a9cb08476c7575fcf2 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

MAL-2026-3378 Malicious code in eth-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e5895b0a95cf86acc67f21e61b55a0718a073fd06657523b47550532153ed546 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

Malicious code in eth-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e5895b0a95cf86acc67f21e61b55a0718a073fd06657523b47550532153ed546 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

Malicious code in web3-helper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8b4b0ec18a585bcc92bfeea9cf5e3febdd7d540f38f78cb1acc62ce33784a492 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

MAL-2026-3375 Malicious code in crypto-kit-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3c7b3526469db1bb04a5875cfcb3a1e41fe3f9c697b6d63e497a15d1177cb1b The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

CVE-2025-69599

RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration...

Malicious code in solana-wallet-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa7ec45d58fb68b5b24d909a387ed8b1abe465a49e96bf2a24b85a65e730fbe9 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...