vm2 setup-sandbox.js violates Defense Invariant #11 in stack-trace formatter

Summary defaultSandboxPrepareStackTrace in lib/setup-sandbox.js lines 605, 607 appends to a fresh sandbox-realm lines = via lineslines.length = value. This is the exact invariant-violating pattern that GHSA-9qj6-qjgg-37qq commit ca195f0, 2026-05-01 just patched in neutralizeArraySpeciesBatch and...

GHSA-Q3FM-4WCW-G57X vm2 setup-sandbox.js violates Defense Invariant #11 in stack-trace formatter

Summary defaultSandboxPrepareStackTrace in lib/setup-sandbox.js lines 605, 607 appends to a fresh sandbox-realm lines = via lineslines.length = value. This is the exact invariant-violating pattern that GHSA-9qj6-qjgg-37qq commit ca195f0, 2026-05-01 just patched in neutralizeArraySpeciesBatch and...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cgroup setter in schedext reading scxroot before acquiring a lock. This could lead to reusing...

PT-2026-42689

Summary js-cookie's internal assign helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object's " proto " member is an own enumerable property, so the for…in enumerates it and the targetkey = sourcekey write triggers the...

CLSA-2026-1778891359 libpng: Fix of CVE-2026-34757

CVE-2026-34757: use-after-free in pngsetPLTE, pngsettRNS, pngsethIST, pngsettext, pngsetsPLT and pngsetunknownchunks when the caller passes the pointer returned by the corresponding getter back to the setter...

JLSEC-2026-498

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

CVE-2026-42874 Microdot: HTTP response splitting in Response.set_cookie()

Microdot is a minimalistic Python web framework. Prior to 2.6.1, the Response.setcookie method does not sanitize its string arguments, and in particular will not detect the presence of the \r\n sequence in them. This can be a potential source of header injection attacks. For a header injection...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : libpng vulnerabilities (USN-8251-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8251-1 advisory. It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricke...

Arbitrary Code Injection

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Arbitrary Code Injection despite the recently introduced neutralizeArraySpeciesBatch helper in lib/bridge.js. An attacker can execute arbitrary code ...

Arbitrary Code Injection

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Arbitrary Code Injection despite the recently introduced neutralizeArraySpeciesBatch helper in lib/bridge.js. An attacker can execute...

USN-8251-1 libpng1.6 vulnerabilities

It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute...

USN-8251-1: libpng vulnerabilities

It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute...

OESA-2026-2149 libpng security update

The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...

Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

...

CVE-2026-40897 Math.js: Unsafe object property setter in mathjs

Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the math...

GHSA-29QV-4J9F-FJW5 Unsafe object property setter in mathjs

Impact This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. Patches The issue was introduced in mathjs v13.1.1, an...

Unsafe object property setter in mathjs

Impact This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. Patches The issue was introduced in mathjs v13.1.1, an...

SUSE CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

DEBIAN-CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

PT-2026-31620

Name of the Vulnerable Software and Affected Versions LIBPNG versions 1.0.9 through 1.6.56 Description LIBPNG is a library used by applications to read, create, and manipulate PNG image files. A flaw exists where passing a pointer obtained from png get PLTE, png get tRNS, or png get hIST back int...