PT-2026-28431

Name of the Vulnerable Software and Affected Versions LibreChat versions 0.8.2-rc2 through 0.8.2-rc3 Description LibreChat, a ChatGPT clone, has an issue where the SSE streaming endpoint /api/agents/chat/stream/:streamId does not confirm that the user making the request is authorized to access th...

drm/amd/display: Do not return negative stream id for array

...

kernel: net: stmmac: dwmac-tegra: Read iommu stream id from device tree

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hard coded to use MGBE0's...

UBUNTU-CVE-2016-0756

The generatedialback function in the moddialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix...

kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID

Buffer overflow in net/sctp/smstatefuns.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN aka FORWARD-TSN chunk with a large stream ID...