Astra Linux – Vulnerability in Zabbix

Templates do not properly handle backticks as JavaScript string delimiters, and do not escape them as expected. Backticks have been used since ES6 for JavaScript template literals. If a template contains a Go template action within a JavaScript template literal, the contents of the action can be...

CVE-2026-48708 OliveTin has a Concurrent Template Parsing Race Condition which Leads to Cross-Request Command Contamination

OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the template engine uses a single shared text/template.Template instance tpl package-level variable in service/internal/tpl/templates.go across all goroutines. Every action execution calls...

CVE-2026-48708

OliveTin is affected by a race condition in the template engine. In versions up to 3000.0.0, a single shared text/template.Template instance (tpl) is used across all goroutines, and actions perform tpl.Parse(source) followed by t.Execute() without synchronization. Under concurrent ExecRequests, t...

DEBIAN-CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

CLSA-2026-1776965055 Fix CVE(s): CVE-2025-32988, CVE-2025-32990

SECURITY UPDATE: heap buffer overflow in certtool template parsing - debian/patches/CVE-2025-32990.patch: use callocMAXENTRIES + 1 instead of mallocMAXENTRIES in READMULTILINE and READMULTILINETOKENIZED macros in src/certtool-cfg.c. - CVE-2025-32990 SECURITY UPDATE: double free when exporting...

OESA-2026-1967 rubygem-addressable security update

Addressable is a replacement for the URI implementation that is part of Ruby's standard library. It more closely conforms to the relevant RFCs and adds support for URI and URL templates. Security Fixes: Within the URI template implementation in Addressable, two classes of URI template generate...

Scriban has Uncontrolled Recursion in Parser Leads to Stack Overflow and Process Crash (Denial of Service)

Scriban is vulnerable to an uncontrolled process crash resulting in a Denial of Service. Because the recursive-descent parser does not enforce a default limit on expression depth, an attacker who controls template input can craft a heavily nested template that triggers a StackOverflowException. I...

EulerOS Virtualization 2.12.1 : gnutls (EulerOS-SA-2026-1428)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization...

EulerOS Virtualization 2.10.0 : gnutls (EulerOS-SA-2026-1169)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

MiracleLinux 7 : gnutls-3.3.29-9.0.1.el7.AXS7 (AXSA:2025-10917:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10917:04 advisory. CVE-2025-32990: fix memory corruption in when parsing a template file CVEs: CVE-2025-32990 A heap-buffer-overflow off-by-one flaw was found in the GnuTLS...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gnutls (UTSA-2025-991091)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991091 advisory. A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings fro...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnutls (UTSA-2025-990961)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990961 advisory. A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings fro...

Astra Linux – Vulnerability in gnutls28

A heap-buffer-overflow off-by-one flaw was discovered in the GnuTLS software during the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption a...

EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2259)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads...

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2025-2194)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A NULL pointer dereference flaw was found in the GnuTLS software in gnutlsfigurecommonciphersuite.CVE-2025-6395 A heap-buffer-overflow off-by-one...

RLSA-2025:16116 Moderate: gnutls security, bug fix, and enhancement update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension...

RockyLinux 9 : gnutls (RLSA-2025:16116)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:16116 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension parsing CVE-2025-32989 gnutls:...

gnutls: Vulnerability in GnuTLS certtool template parsing

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

gnutls: Vulnerability in GnuTLS certtool template parsing

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...