
412 matches found

CVE
added 2026/05/28 9:36 a.m. | 25 views

CVE-2026-46155

CVE-2026-46155 affects the Linux kernel SMB client. The vulnerability is an out-of-bounds read in smb2_compound_op() caused by memcpy reading size[0] (OutputBufferLength) when iov_len is smaller than that length after a truncated server response. This can leak adjacent kernel heap memory. Impact ...

CVSS 9.1 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 5
Positive Technologies
added 2026/05/13 12:0 a.m. | 7 views

PT-2026-40842

Four CVEs (CVE-2026-29103, CVE-2026-29104, CVE-2026-29892, CVE-2026-30441) shared the same root cause. An MCP server's response to the client includes free-form text fields — tool descriptions, resource summaries, prompt argument hints. These fields are surfaced into the...

CVSS 9.1 | AI score 5.8 | EPSS 0.00365
Exploits: 0 | References: 1
SUSE CVE
added 2026/05/02 1:25 a.m. | 5 views

SUSE CVE-2026-31708

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path. smb2_ioctl_query_info has two response-copy branches: PASSTHRU_FSCTL and the default QUERY_INFO path. The QUERY_INFO branch clamps qi.input_buffer_length to the server-report...

CVSS 8.1 | AI score 5.9 | EPSS 0.00055
Exploits: 0 | References: 4
NVD
added 2026/05/01 4:16 p.m. | 2 views

CVE-2026-42471

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client Connection.php:76 calls unserialize on data received from the server response, enabling client-side RCE if connecting to a malicious server...

CVSS 8.1 | EPSS 0.02308
Exploits: 2 | References: 3
NVD
added 2026/04/29 9:16 a.m. | 1 views

CVE-2026-42513

This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response. Successful exploitation of this...

CVSS 8.8 | EPSS 0.00426
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/29 8:13 a.m. | 2 views

CVE-2026-42513

This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response. Successful exploitation of this...

CVSS 8.8 | AI score 5.5 | EPSS 0.00426
Exploits: 0 | References: 2
EUVD
added 2026/04/29 8:13 a.m. | 2 views

EUVD-2026-26196

This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response. Successful exploitation of this...

CVSS 8.8 | AI score 5.5 | EPSS 0.00426
Exploits: 0 | References: 1
Cvelist
added 2026/04/29 8:13 a.m. | 27 views

CVE-2026-42513 Authentication Bypass Vulnerability in e-Sushrut HMIS

This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response. Successful exploitation of this...

CVSS 8.8 | EPSS 0.00426
Exploits: 0 | References: 1
CVE
added 2026/04/29 8:13 a.m. | 8 views

CVE-2026-42513

CVE-2026-42513 affects e-Sushrut HMIS. The vulnerability stems from improper authentication logic that relies on client-side response parameters to determine login status, enabling a remote attacker to intercept and modify server responses to bypass authentication and gain unauthorized access to ...

CVSS 8.8 | AI score 5.6 | EPSS 0.00426
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/29 12:0 a.m. | 2 views

PT-2026-35881

Name of the Vulnerable Software and Affected Versions: e-Sushrut, affected versions not specified. Description: Improper authentication logic relies on client-side response parameters to determine authentication status. A remote attacker can intercept and modify the server response to bypass...

CVSS 8.8 | AI score 5.4 | EPSS 0.00426
Exploits: 0 | References: 5
Vulnrichment
added 2026/03/25 8:40 p.m. | 2 views

CVE-2026-1014 IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...

CVSS 6.5 | AI score 5.8 | EPSS 0.00011
Exploits: 0 | References: 1
Positive Technologies
added 2026/03/25 12:0 a.m. | 3 views

PT-2026-28120

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...

CVSS 6.5 | AI score 5.8 | EPSS 0.00011
Exploits: 0 | References: 2
OSV
added 2026/03/10 6:28 p.m. | 2 views

GO-2026-4593 Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOS in github.com/traefik/traefik

Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOS in github.com/traefik/traefik...

CVSS 4.4 | AI score 5.8 | EPSS 0.00042
Exploits: 0 | References: 4
Cvelist
added 2026/03/05 4:15 p.m. | 27 views

CVE-2026-26998 Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service (DoS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is...

CVSS 4.4 | EPSS 0.00042
Exploits: 0 | References: 3
Positive Technologies
added 2026/03/04 12:0 a.m. | 4 views

PT-2026-23083

Name of the Vulnerable Software and Affected Versions: Traefik versions prior to 2.11.38 and 3.6.9. Description: Traefik, an HTTP reverse proxy and load balancer, has a potential issue in how it manages responses from the ForwardAuth middleware. When configured to use ForwardAuth, the response body...

CVSS 9.9 | AI score 5.9 | EPSS 0.07313
Exploits: 68 | References: 138
RedHat Linux
added 2026/02/04 7:51 p.m. | 2 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

CVSS 7.5 | AI score 5.7 | EPSS 0.00215
Exploits: 0 | References: 6
OSV
added 2026/02/02 9:5 p.m. | 2 views

GO-2026-4348 Client DoS via malformed server response in github.com/theupdateframework/go-tuf

Client DoS via malformed server response in github.com/theupdateframework/go-tuf...

CVSS 7.5 | AI score 5.9 | EPSS 0.00037
Exploits: 0 | References: 3
EUVD
added 2026/01/22 2:16 a.m. | 3 views

EUVD-2026-3673

go-tuf is a Go implementation of The Update Framework (TUF). Starting in version 2.0.0 and prior to version 2.3.1, if the TUF repository or any of its mirrors returns invalid TUF metadata JSON (valid JSON but not well formed TUF metadata), the client will panic during parsing, causing a denial of...

CVSS 5.9 | AI score 5.4 | EPSS 0.00037
Exploits: 0 | References: 4
NVD
added 2026/01/16 6:16 p.m. | 4 views

CVE-2025-51602

mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...

CVSS 4.8 | EPSS 0.00025
Exploits: 0 | References: 3
OSV
added 2026/01/14 1:23 p.m. | 2 views

OPENSUSE-SU-2026:20038-1 Security update for wget2

This update for wget2 fixes the following issues: Changes in wget2: - Update to release 2.2.1: Fix file overwrite issue with metalink (CVE-2025-69194, bsc#1255728); Fix remote buffer overflow in get_local_filename_real (CVE-2025-69195, bsc#1255729); Fix a redirect/mirror regression from 400713ca; Use the local...

CVSS 9.8 | AI score 6.1 | EPSS 0.00107
Exploits: 1 | References: 4