MGASA-2026-0140 Updated perl-HTTP-Tiny packages fix security vulnerability

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. CVE-2026-7010...

Updated perl-HTTP-Tiny packages fix security vulnerability

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. CVE-2026-7010...

CLSA-2026-1778790079 perl: Fix of CVE-2023-31486

CVE-2023-31486: HTTP::Tiny verifies TLS certificates by default...

SUSE CVE-2026-7010

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

Linux Distros Unpatched Vulnerability : CVE-2026-7010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and U...

DEBIAN-CVE-2026-7010

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

CVE-2026-7010 HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

HTTP::Tiny 注入漏洞

HTTP::Tiny is a small, simple, and correct HTTP/1.1 client developed by Perldoc. Versions prior to HTTP::Tiny 0.093 had an injection vulnerability due to unvalidated CRLF characters. This vulnerability could allow attackers to inject additional headers and request payloads...

PT-2026-39866

Name of the Vulnerable Software and Affected Versions HTTP::Tiny versions prior to 0.093 Description Perl HTTP::Tiny fails to validate CRLF Carriage Return Line Feed sequences in HTTP request lines or control field header values. The issue involves unvalidated inputs including the method and URI ...

When the Ruler Is Broken: Parsing-Induced Suppression in LLM-Based Security Log Evaluation

LLM-based SOC log classifiers are commonly evaluated using regular-expression pipelines that extract structured fields from free-form model output. We demonstrate that this practice introduces a class of silent, systematic evaluation errors, which we term parsing-induced suppression that can caus...

SUSE CVE-2026-43115

In the Linux kernel, the following vulnerability has been resolved: srcu: Use irqwork to start GP in tiny SRCU Tiny SRCU's srcugpstartifneeded directly calls schedulework, which acquires the workqueue pool-lock. This causes a lockdep splat when callsrcu is called with a scheduler lock held, due t...

EUVD-2026-27639

In the Linux kernel, the following vulnerability has been resolved: srcu: Use irqwork to start GP in tiny SRCU Tiny SRCU's srcugpstartifneeded directly calls schedulework, which acquires the workqueue pool-lock. This causes a lockdep splat when callsrcu is called with a scheduler lock held, due t...

CVE-2026-43115

In the Linux kernel, the following vulnerability has been resolved: srcu: Use irqwork to start GP in tiny SRCU Tiny SRCU's srcugpstartifneeded directly calls schedulework, which acquires the workqueue pool-lock. This causes a lockdep splat when callsrcu is called with a scheduler lock held, due t...

CVE-2026-43115

The CVE-2026-43115 entry documents a Linux kernel fix for Tiny SRCU: srcu_gp_start_if_needed() previously called schedule_work(), acquiring pool->lock and triggering a lockdep splat when call_srcu() runs with a scheduler lock held. The remediation adds irq_work_sync() to cleanup_srcu_struct() ...

CVE-2026-43115

In the Linux kernel, the following vulnerability has been resolved: srcu: Use irqwork to start GP in tiny SRCU Tiny SRCU's srcugpstartifneeded directly calls schedulework, which acquires the workqueue pool-lock. This causes a lockdep splat when callsrcu is called with a scheduler lock held, due t...

CVE-2026-43115 srcu: Use irq_work to start GP in tiny SRCU

In the Linux kernel, the following vulnerability has been resolved: srcu: Use irqwork to start GP in tiny SRCU Tiny SRCU's srcugpstartifneeded directly calls schedulework, which acquires the workqueue pool-lock. This causes a lockdep splat when callsrcu is called with a scheduler lock held, due t...

CLSA-2026-1777548161 Fix CVE(s): CVE-2023-31486

SECURITY UPDATE: HTTP::Tiny does not verify TLS certificates by default - debian/patches/CVE-2023-31486.patch: flip verifySSL default from 0 to 1 in cpan/HTTP-Tiny/lib/HTTP/Tiny.pm; add PERLHTTPTINYSSLINSECUREBYDEFAULT escape-hatch env var; update POD SSL SUPPORT - TLS/SSL SUPPORT,...

Exploit for CVE-2026-31431

Copy Fail Tiny ELF - CVE-2026-31431 This is a minimal 801 byt...

OpenSOC-AI: Democratizing Security Operations with Parameter Efficient LLM Log Analysis

Small and medium sized businesses SMBs face an escalating cybersecurity threat landscape, yet most lack the resources to staff full Security Operations Centers SOCs or deploy enterprise grade detection platforms. This paper presents OpenSOC-AI, a lightweight log analysis framework that uses...

CLSA-2026-1776788664 perl: Fix of CVE-2023-31486

CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...