Astra Linux - уязвимость в firefox, thunderbird, nss

After accepting an untrusted certificate, handling an empty PKCS7 sequence as part of the certificate data could have led to a crash. This crash is believed to be exploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Do not use WARN when encode fails When asn1encodesequence fails, using WARN is not the correct solution. 1. asn1encodesequence is not an internal function it’s located in lib/asn1encode.c. 2. Its location is known...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: tracing: Fixed an out-of-bounds write in traceseqtobuffer. syzbot reported this bug: BUG: KASAN: Out-of-bounds access in traceseqtobuffer in kernel/trace/trace.c:1830 inline BUG: KASAN: Out-of-bounds access in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: Fixed the race condition in serdev. The yt21380fcserdevprobe function calls devmserdevdeviceopen before setting the client operations using serdevdevicesetclientops. This...

CVE-2026-32738

A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF sequence file. This file, with samplesperchunk=0, triggers an unsigned integer underflow, causing the library to map all samples t...

CVE-2026-32739

A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF High Efficiency Image File Format sequence file. This would trigger an infinite loop during file parsing, consuming 100% CPU...

CVE-2026-32739

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string

Summary dasel's selector lexer panics with an index-out-of-range error when tokenizing a quoted string that ends with a trailing backslash e.g., "\ or '. A 2-byte input causes an immediate process crash via Go runtime panic. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8...

GHSA-M5J3-4634-C2VQ Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string

Summary dasel's selector lexer panics with an index-out-of-range error when tokenizing a quoted string that ends with a trailing backslash e.g., "\ or '. A 2-byte input causes an immediate process crash via Go runtime panic. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8...

GHSA-CRC3-H8V6-QH57 GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injection

Summary A security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. Details The vulnerability stems from the way GitHub CLI handles raw Actions log...

UBUNTU-CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

PT-2026-42002

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description An issue in the HEIF and AVIF file format decoder and encoder allows a specially crafted 800-byte HEIF sequence file to trigger an infinite loop in the Box stts::get sample duration function. This...

PT-2026-41995

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description An unsigned integer underflow occurs in the Chunk constructor when processing a crafted HEIF sequence file containing samples per chunk=0 in the stsc box. This causes all samples to map to an empty...

CLSA-2026-1779124827 log4j: Fix of CVE-2026-34479

CVE-2026-34479: fix Log4j1XmlLayout invalid XML 1.0 character escape...

CVE-2026-41650

A flaw was found in fast-xml-parser. The XMLBuilder component does not properly escape specific sequences "--" in comments and "" in CDATA sections when constructing XML from JavaScript objects. This vulnerability allows an attacker to perform XML injection if user-controlled data is processed...

SUSE CVE-2026-45803

gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

ALPINE-CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...