JLSEC-2026-414 When a protocol selection parameter option disables all protocols without adding any then the...

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...

wget2/wget_options_fuzzer: Heap-buffer-overflow in _iri_unescape_inline

Project: https://gitlab.com/gnuwget/wget2.git Detailed report: https://oss-fuzz.com/testcase?key=5668230217072640 Project: wget2 Fuzzer: libFuzzerwget2wgetoptionsfuzzer Fuzz target binary: wgetoptionsfuzzer Job Type: libfuzzerasanwget2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...

xmlsec/xmlsec_fuzzer: Heap-use-after-free in xmlStrndup

Project: https://github.com/lsh123/xmlsec.git Detailed report: https://oss-fuzz.com/testcase?key=5630952466808832 Project: xmlsec Fuzzer: libFuzzerxmlsecfuzzer Fuzz target binary: xmlsecfuzzer Job Type: libfuzzerasanxmlsec Platform Id: linux Crash Type: Heap-use-after-free READ 1 Crash Address:...

libarchive: Heap-buffer-overflow in process_extra

Project: https://github.com/libarchive/libarchive.git Detailed report: https://oss-fuzz.com/testcase?key=6195919814918144 Project: libarchive Fuzzer: libFuzzerlibarchivefuzzer Fuzz target binary: libarchivefuzzer Job Type: libfuzzerasanlibarchive Platform Id: linux Crash Type: Heap-buffer-overflo...