PT-2026-23024

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the JSTokenize...

CVE-2025-9394

PoDoFo 1.1.0-dev is affected by CVE-2025-9394 in the PdfTokenizer::DetermineDataType function within PdfTokenizer.cpp (PDF Dictionary Parser). The issue enables a use-after-free condition that can be triggered by manipulating the file locally, with the exploit already published. A patch/commit to...

Medium: ecs-init

Issue Overview: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result i...

AZL-60505 CVE-2025-22872 affecting package kubernetes for versions less than 1.28.4-18

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

GO-2025-3595 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...