770 matches found
CVE-2026-5525
A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds...
PT-2026-46124
Name of the Vulnerable Software and Affected Versions Jupyter Enterprise Gateway affected versions not specified Description An input validation issue exists in the prohibited UID and GID feature, which is designed to prevent launching kernels with root privileges UID or GID 0. An attacker can...
CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes
NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...
CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes
NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...
SUSE-SU-2026:2113-1 Security update for perl-Net-CIDR-Lite
This update for perl-Net-CIDR-Lite fixes the following issues - CVE-2026-45190: improper validation of trailing newlines or non-ASCII digits can lead to IP ACL bypass bsc1264710. - CVE-2026-45191: extraneous leading zeros in CIDR mask values can lead to IP ACL bypass bsc1264709. - CVE-2026-40198:...
erofs: fix the out-of-bounds nameoff handling for trailing dirents
...
SUSE CVE-2026-46078
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
CVE-2026-48544
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.getresource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...
CVE-2026-46078
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
UBUNTU-CVE-2026-46078
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
CVE-2026-46078
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
CVE-2026-46078 erofs: fix the out-of-bounds nameoff handling for trailing dirents
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
CVE-2026-46078
In the Linux kernel, the following vulnerability has been resolved: erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary-checks for nameoffs, but the trailing dirents are special since the namelens are calculated with strnlen with unchecked nameoff...
CVE-2026-46078
Summary: CVE-2026-46078 affects the Linux kernel EROFS filesystem, where trailing dirents can trigger an out-of-bounds read due to incorrect nameoff handling. The root cause is that namelen calculations for trailing dirents use strnlen with unchecked nameoffs, allowing underflow when nameoff >...
CVE-2026-46078
erofs: fix the out-of-bounds nameoff handling for trailing dirents...
Linux Distros Unpatched Vulnerability : CVE-2026-46078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: fix the out-of-bounds nameoff handling for trailing dirents Currently we already have boundary- checks for nameoffs, but the trailing dirents are special...
PT-2026-43945
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the EROFS Enhanced Read-Only File System implementation where out-of-bounds handling occurs for trailing...
Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string
Summary dasel's selector lexer panics with an index-out-of-range error when tokenizing a quoted string that ends with a trailing backslash e.g., "\ or '. A 2-byte input causes an immediate process crash via Go runtime panic. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8...
CLSA-2026-1779182686 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
CLSA-2026-1779181947 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...