24 matches found
GHSA-9VC9-4JV3-RF86 @hulumi/policies has a HULUMI-H5 bypass via decoy sibling resources targeting a different bucket
Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-284 Improper Access Control. Summary: HULUMI-H1 forbids raw aws:s3:Bucket outside of Hulumi's SecureBucket component, with one exemption: a raw bucket that's a child of a SecureBucket is allowed because the component is...
Malicious code in @godscene/web (npm)
Source: amazon-inspector e1bd83a63f0426cc7c4e1a68886c36ff47de093d9b7edc6b410d16c928be50c1 Package @godscene/[email protected] is a re-bundled copy of the legitimate @midscene/web at the same version, preserving the original description, README,...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed a mismatch in the count of ECMP siblings when clearing RTF_ADDRCONF. The syzbot reported a kernel bug in fib6_add_rt2node(), when adding an IPv6 route. [0] The commit f72514b3c569 "ipv6: Clear RA flags when adding a stati...
MAL-2026-4452 Malicious code in @tailwind-core/webpack (npm)
Source: amazon-inspector 7955094460738dc65288f88a3bb990c7d3ff52ed3683f11265b7072bd80aa4e3 Package @tailwind-core/webpack impersonates the legitimate Tailwind v4 webpack loader @tailwindcss/webpack. The README copies Tailwind Labs branding ...
OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle
Summary: The BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry (OpenMcdf/DirectoryTree.cs:35-46) walks directory entries by repeatedly calling directories.TryGetSibling(child, siblingType, validateColor). A crafted CFB file with cyclic Left/Right sibling links among directory entries -...
CVE-2026-41511
CVE-2026-41511 affects the OpenMcdf .NET/C# library for Compound File Binary (CFB) manipulation. Before version 3.1.3, the library failed to detect cycles in the directory-entry red–black tree, allowing a crafted CFB file to create a cycle in LeftSiblingID/RightSiblingID that causes Storage.Enume...
Infinite loop
Overview: OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Affected versions of this package are vulnerable to Infinite loop through the MoveNext traversal logic in the directory tree enumeration code. An attacker can...
CVE-2026-23200
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF. syzbot reported a kernel BUG in fib6_add_rt2node() when adding an IPv6 route. [0] Commit f72514b3c569 "ipv6: clear RA flags when adding a static route" introduced logic to...
MAL-2025-49048 Malicious code in transform-merge-sibling-variables (npm)
Source: ghsa-malware 8d380989059db5a476085e3c65f461f844bd193d30a4f2558f711086525e20ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-31899
Malicious code in bioql PyPI...
EUVD-2025-27917
Malicious code in bioql PyPI...
UBUNTU-CVE-2023-53477
In the Linux kernel, the following vulnerability has been resolved: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation. In function rt6_nlmsg_size(), the length of nexthop is calculated by multiplying the nexthop length of fib6_info and the number of siblings. However if the fib6_info h...
CVE-2023-53477 ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
In the Linux kernel, the following vulnerability has been resolved: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation. In function rt6_nlmsg_size(), the length of nexthop is calculated by multiplying the nexthop length of fib6_info and the number of siblings. However if the fib6_info h...
Linux Distros Unpatched Vulnerability : CVE-2025-38588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size(). While testing prior patch, I was able to trigge...
SUSE CVE-2025-38588
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size(). While testing prior patch, I was able to trigger an infinite loop in rt6_nlmsg_size() in the following place: list_for_each_entry_rcu(sibling, &f6i->fib6_siblings, fib6_siblings...
DEBIAN-CVE-2025-38588
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size(). While testing prior patch, I was able to trigger an infinite loop in rt6_nlmsg_size() in the following place: list_for_each_entry_rcu(sibling, &f6i->fib6_siblings, fib6_siblings...
UBUNTU-CVE-2025-38588
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size(). While testing prior patch, I was able to trigger an infinite loop in rt6_nlmsg_size() in the following place: list_for_each_entry_rcu(sibling, &f6i->fib6_siblings, fib6_siblings...
CVE-2025-38588 ipv6: prevent infinite loop in rt6_nlmsg_size()
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size(). While testing prior patch, I was able to trigger an infinite loop in rt6_nlmsg_size() in the following place: list_for_each_entry_rcu(sibling, &f6i->fib6_siblings, fib6_siblings...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Topology: Keep the cpumask unchanged when printing cpumap. During fuzz testing, the following warning was discovered: Different return values 15 and 11 from vsnprintf("%pbl", ...). Warning: "keyward" is a warning in kvasprintf...