Astra Linux – Vulnerability in GhostScript

A issue was discovered in Artifex Ghostscript prior to version 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in the psi/zbfont.c file...

Astra Linux – Vulnerability in Chromium

The double-free operation in the ICU of Google Chrome before version 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in ICU

It was discovered that International Components for Unicode ICU-20850 v66.1 contains a use after free bug in the pkgcreateWithAssemblyCode function in the tools/pkgdata/pkgdata.cpp file...

Astra Linux – Vulnerability in RustC

A issue was discovered in the Bidirectional Algorithm in the Unicode Specification through version 14.0. This algorithm allows for the visual reordering of characters through control sequences, which can be used to create source code that implements logic different from the logical order of token...

Astra Linux – Vulnerability in Python-Django

In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uritoiri is susceptible to a potential Denial-of-Service DoS attack due to certain inputs containing a very large number of Unicode characters...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “vt: fix unicode buffer corruption when deleting characters” This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 “vt: fix memory overlapping when deleting chars in the buffer”. The solution is als...

Astra Linux – Vulnerability in RustC

In the standard library of Rust before version 1.49.0, the String::retain function has a panic security issue. It allows the creation of a non-UTF-8 Rust string when the provided closure panics. This bug could lead to a memory safety violation if other string APIs assume that UTF-8 encoding is us...

Astra Linux – Vulnerability in Shadow

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly for example, adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file...

Path Confusion

Caddy is vulnerable to Path Confusion. The vulnerability is due to incorrect path splitting logic in FastCGI processing, where strings.ToLower is applied before computing byte offsets, causing incorrect SCRIPTNAME, SCRIPTFILENAME, and PATHINFO values for certain Unicode paths and potentially...

Linux Distros Unpatched Vulnerability : CVE-2026-31742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves...

CVE-2026-31742

A flaw was found in the Linux kernel. When a console is resized while in an alternate screen mode, the system may fail to properly update its internal buffer for unicode characters. This can lead to an out-of-bounds memory access when the alternate screen mode is exited, potentially causing a...

CVE-2026-31742

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a subsequent console resize via vcdoresize skips reallocating the unicode...

CVE-2026-31742

The CVE-2026-31742 issue affects the Linux kernel’s virtual terminal (vt) handling of alternate screen mode. When entering alt screen, vc_uni_lines is saved to vc_saved_uni_lines and vc_uni_lines is set to NULL. A subsequent console resize can skip reallocating the unicode buffer because vc_uni_l...

CVE-2026-31742

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a subsequent console resize via vcdoresize skips reallocating the unicode...

EUVD-2026-26555

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a subsequent console resize via vcdoresize skips reallocating the unicode...

CVE-2026-31742 vt: discard stale unicode buffer on alt screen exit after resize

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a subsequent console resize via vcdoresize skips reallocating the unicode...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to discard outdated Unicode buffers when exiting the standby screen after resizing it...

PT-2026-36377

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the virtual terminal vt component where the kernel fails to discard a stale unicode buffer upon exiting the alternate screen after a console resize. When enter alt...

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

CLSA-2026-1777456424 gcc: Fix of CVE-2021-42574

CVE-2021-42574: add -Wbidi-chars warning for Unicode bidirectional text...