CVE-2026-6450

A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when pars...

CVE-2026-6450

CVE-2026-6450 describes a CRL critical extension bypass in ParseCRL_Extensions. It affects builds with CRL support enabled, where a crafted CRL bearing a trusted signature can be accepted due to improper enforcement of critical extensions. The vulnerability’s risk is characterized by a low base s...

CVE-2026-6450 CRL critical extension bypass in ParseCRL_Extensions

A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when pars...

CVE-2026-50129

CVE-2026-50129 affects Mastodon before versions 4.5.11, 4.4.18, and 4.3.24. The issue is a DoS caused by an uncaught exception in the math sanitizer’s MATH_TRANSFORMER due to missing exception handling; malformed nodes can crash the server or disrupt services depending on the action and interact...

CVE-2026-50129 Mastodon: Persistent anonymous DoS via unhandled NoMethodError in MATH_TRANSFORMER

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.11, 4.4.18, and 4.3.24, a DoS can be triggered by Uncaught Exception vulerability, due to missing exception handling in the math sanitizer. Malformed nodes can result in a DoS of a whole server or targeted...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel before version 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. A unhandled page fault may occur...

EulerOS Virtualization 2.13.0 : pyOpenSSL (EulerOS-SA-2026-2414)

According to the versions of the pyOpenSSL packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user...

EulerOS Virtualization 2.13.1 : pyOpenSSL (EulerOS-SA-2026-2385)

According to the versions of the pyOpenSSL packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user...

CVE-2026-46411

FlashMQ is the MQTT broker/server affected by CVE-2026-46411. The issue affects versions prior to 1.26.2, where an authorized client can exceed the permitted over-commit of their write buffer, triggering an internal safe-guard exception in a path that is not catchable and causing the server to ab...

MAL-2026-5396 Malicious code in @sqlite-node/createsql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f6f2c4e3192b71fc68681fbb8c8216a5e581e9f2baaa13954172249a8ddf5b6 The package advertises itself as a SQLite toolkit but ships no SQLite functionality. Its main entry index.js is a single heavily obfuscated module...

EulerOS 2.0 SP11 : pyOpenSSL (EulerOS-SA-2026-2224)

According to the versions of the pyOpenSSL packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback t...

CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

EUVD-2025-210059

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

CVE-2025-52611 HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

CVE-2025-52611 HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

PT-2026-46186

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

HCL iControl 安全漏洞

HCL iControl is an IT infrastructure monitoring and automation platform developed by HCL Company in India. Version 4.0.0 of HCL iControl contains a security vulnerability. This vulnerability arises from unhandled exceptions, which lead to stack trace leaks. It occurs due to accessing the properti...

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...