CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

OSV-2026-717 Stack-use-after-scope in enter_block_callback

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=511831392 Crash type: Stack-use-after-scope READ 4 Crash state: enterblockcallback mdprocessallblocks mdparse...

PT-2026-40367

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from stack buffer overflows in several underlying...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from stack buffer overflows in several underlying...

PT-2026-40366

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

arduino-esp32 安全漏洞

Arduino-ESP32 is an open-source project by Espressif, designed for use with the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, and ESP32-H2 boards. Versions of Arduino-ESP32 prior to 3.3.8 contained a security vulnerability. This vulnerability stemmed from the WebServer multi-part form parser’s...

Zephyr 安全漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which occurs when sending ICMP ping messages to the device’s own IPv4 address using the net ping shell command. This causes the network stack to recursively re-ente...

PT-2026-40419

After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-40218

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network...

PT-2026-40535

Name of the Vulnerable Software and Affected Versions protobufjs versions prior to 7.5.6 protobufjs versions prior to 8.0.2 Description protobufjs can recurse without a depth limit while decoding nested protobuf data, specifically when skipping unknown group fields and during the generated decodi...

PT-2026-40224

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network...

PT-2026-40365

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

KB5087539: Windows Server 2025 Security Update (May 2026)

The remote Windows host is missing security update 5087539 or hotpatch 5087423. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow...

Adobe After Effects 安全漏洞

Adobe After Effects is a visual effects and dynamic graphics production software developed by Adobe, Inc. This software is primarily used for 2D and 3D compositing, animation production, and visual special effects. Versions of Adobe After Effects such as 26.0, 25.6.4, and earlier versions have...

PT-2026-40214

Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

KB5087545: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (May 2026)

The remote Windows host is missing security update 5087545 or hotpatch 5087424. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Use after free in Windows Hyper...

PT-2026-40369

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

PT-2026-40359

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...