CVE-2026-3137

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file foodordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed public...

DEBIAN-CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27942 fast-xml-parser has stack overflow in XMLBuilder with preserveOrder

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27942 fast-xml-parser has stack overflow in XMLBuilder with preserveOrder

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

DEBIAN-CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

UBUNTU-CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821

GPAC has a stack-based overflow in NHML demuxer (dmx_nhml.c) affecting versions up to 26.02.0. The parser copies the xmlHeaderEnd attribute into a 1000-byte buffer with strcpy(), enabling overflow if input exceeds 1000 bytes. A fix is available via commit 9bd7137fded2db40de61a2cf3045812c8741ec52....

CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

PT-2026-22061

Name of the Vulnerable Software and Affected Versions GPAC versions up to and including 26.02.0 Description GPAC is an open-source multimedia framework. A stack buffer overflow occurs during NHML file parsing in src/filters/dmx nhml.c. The xmlHeaderEnd XML attribute’s value from att-value is copi...

Golioth Firmware SDK 安全漏洞

Golioth Firmware SDK is an open-source software development toolkit developed by Golioth. Versions of the Golioth Firmware SDK from 0.10.0 to 0.22.0 contained security vulnerabilities. These vulnerabilities were caused by a stack-based buffer overflow in the Payload Utils library, which could lea...

PT-2026-22099

Name of the Vulnerable Software and Affected Versions fast-xml-parser versions prior to 5.3.8 Description fast-xml-parser is a tool for XML validation, parsing XML to JavaScript objects, and building XML from JavaScript objects without relying on C/C++ libraries or callbacks. Prior to version...

fast-xml-parser 安全漏洞

fast-xml-parser is an open-source library developed by Natural Intelligence. It is used for quickly validating, parsing, and constructing XML files without relying on C/C++-based libraries or callbacks. Versions of fast-xml-parser prior to 5.3.8 contained a security vulnerability. This...