Lucene search
K

770 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.11 views

CVE-2026-5525

A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds...

7.8CVSS5.9AI score0.00166EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-46124

Name of the Vulnerable Software and Affected Versions Jupyter Enterprise Gateway affected versions not specified Description An input validation issue exists in the prohibited UID and GID feature, which is designed to prevent launching kernels with root privileges UID or GID 0. An attacker can...

9.8CVSS5.8AI score0.00106EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/06/02 3:35 p.m.9 views

CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...

5.3CVSS5.8AI score0.00343EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/02 3:35 p.m.40 views

CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...

5.3CVSS0.00343EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 3:24 p.m.3 views

SUSE-SU-2026:2113-1 Security update for perl-Net-CIDR-Lite

This update for perl-Net-CIDR-Lite fixes the following issues - CVE-2026-45190: improper validation of trailing newlines or non-ASCII digits can lead to IP ACL bypass bsc1264710. - CVE-2026-45191: extraneous leading zeros in CIDR mask values can lead to IP ACL bypass bsc1264709. - CVE-2026-40198:...

7.5CVSS5.8AI score0.00311EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:1 a.m.6 views

erofs: fix the out-of-bounds nameoff handling for trailing dirents

...

7.1CVSS5.4AI score0.00131EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.9 views

SUSE CVE-2026-46078

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

5.5CVSS5.7AI score0.00131EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 3:16 p.m.16 views

CVE-2026-48544

Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.getresource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...

8.7CVSS0.00409EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46078

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

7.1CVSS0.00131EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.3 views

UBUNTU-CVE-2026-46078

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

7.1CVSS5.7AI score0.00131EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/27 12:58 p.m.9 views

CVE-2026-46078

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

7.1CVSS5.7AI score0.00131EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.39 views

CVE-2026-46078 erofs: fix the out-of-bounds nameoff handling for trailing dirents

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

7.1CVSS0.00131EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.7 views

CVE-2026-46078

In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...

7.1CVSS5.7AI score0.00131EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/27 12:58 p.m.28 views

CVE-2026-46078

Summary: CVE-2026-46078 affects the Linux kernel EROFS filesystem, where trailing dirents can trigger an out-of-bounds read due to incorrect nameoff handling. The root cause is that namelen calculations for trailing dirents use strnlen with unchecked nameoffs, allowing underflow when nameoff >...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.8 views

CVE-2026-46078

erofs: fix the out-of-bounds nameoff handling for trailing dirents...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary- checks for nameoffs, but the trailing dirents are special...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43945

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the EROFS Enhanced Read-Only File System implementation where out-of-bounds handling occurs for trailing...

7.1CVSS5.9AI score0.00131EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/19 8:8 p.m.18 views

Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string

Summary dasel's selector lexer panics with an index-out-of-range error when tokenizing a quoted string that ends with a trailing backslash e.g., "\ or '. A 2-byte input causes an immediate process crash via Go runtime panic. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8...

5.8AI score0.00052EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/19 9:24 a.m.6 views

CLSA-2026-1779182686 postfix: Fix of CVE-2026-43964

CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...

7.5CVSS6AI score0.00415EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 9:12 a.m.9 views

CLSA-2026-1779181947 postfix: Fix of CVE-2026-43964

CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...

7.5CVSS6AI score0.00415EPSS
Exploits0References1
Rows per page
Query Builder