CVE-2026-58058

A flaw was found in Nmap. A remote attacker or a scanned target can send a specially crafted IPv6 response with a truncated extension header. This can lead to an integer underflow, causing out-of-bounds reads and a denial of service DoS due to a crash during raw IPv6 scans. Mitigation Mitigation...

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

CVE-2026-58058 Nmap - Integer Underflow in IPv6 Extension Header Parsing

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

CVE-2026-58058

CVE-2026-58058 : Nmap up to 7.99 is affected by an integer underflow in IPv6 extension-header parsing (ipv6_get_data_primitive in libnetutil/netutil.cc). A crafted or truncated IPv6 extension header returned by a scanned target or on-path attacker can cause the remaining-length to underflow to a ...

EUVD-2026-38831

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw in the processing of received ICMP errors such as ICMP fragments and ICMP redirections within the Linux kernel’s functionality was identified. This flaw allows an off-path remote user to quickly scan open UDP ports. This vulnerability enables a remote user to bypass the UDP source port...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nvme: fixed the SRCU protection for the nvmenshead list The process of walking the nvmenshead siblings list is protected by the head’s srcu in nvmensheadsubmitbio, but not in nvmempathrevalidatePaths. Removing namespaces from...

PT-2026-49047

Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.98 Description A heap buffer out-of-bounds read occurs in the antivirus engine when scanning a malformed Windows PE Portable Executable file. This issue may lead to local execution of code or a...

CVE-2026-9522

Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...

CVE-2026-5600

A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in events belonging to the respective organizer. This allows an API consumer to access information for all other events under the same organizer, even those th...

AI Threat Readiness Pillar 1: Reduce Critical Exposures & Scan with AI

Diving into the first pillar of the AI Threat Readiness Framework and how Wiz helps...

CVE-2026-45255 Remote code execution via installer Wi-Fi access point scans

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog1 to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...

zparty

Zparty Automated web penetration testing framework with loc...

AutoGPT 代码问题漏洞

AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. There were code vulnerabilities in versions 0.1.0 to 0.6.51 of AutoGPT. These vulnerabilities stemmed from the SendEmailBlock function, which accepted parameters for the smtpserver and...

EUVD-2026-28719

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

secscan

secscan !PyPI versionhttps://img.shields.io/pypi/v/secsca...

CVE-2026-43307

The CVE concerns the Linux kernel iio: accel: adxl380 driver. The interrupt handler can miscalculate FIFO entries because the sensor fills FIFO one sample at a time while batches are read, causing the FIFO status to report a non-multiple of N. This can cause the driver to read more entries than p...

Your Redis Server Looks Fine. That’s the Problem.

Introduction There’s an automated attack circulating right now that breaks into unprotected Redis servers, takes over the underlying machine, and then carefully puts everything back the way it found it. It restores the database filename. It deletes the tools it used. It detaches from the...

Use of Incorrectly-Resolved Name or Reference

Overview @cyclonedx/cdxgen is a Creates CycloneDX Software Bill of Materials SBOM from source or container image Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in path resolution performed in docker.js, before credential selection. An attacker wh...