USN-7884-1 openjdk-25 vulnerabilities

Jinfeng Guo discovered that the Security component of OpenJDK 25 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JAX...

Hugging Face Transformers 安全漏洞

Hugging Face Transformers is Hugging Face's open source advanced natural language processing for Jax, PyTorch and TensorFlow. A security vulnerability exists in Hugging Face Transformers version 4.52.4 and earlier, which stems from the mishandling of numeric strings in the normalizenumbers method...

ImageMagick 安全漏洞

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick versions prior to 6.9.13-28 and 7.1.2-2, which stems from improper handling of geometric strin...

GHSA-32JF-H775-G29H MongoDB Rust driver may issue unintended commands

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2...

USN-5007-1 libuv1 vulnerability

Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash...