Improper Memory Buffer Handling

uuid is vulnerable to Improper Memory Buffer Handling. The vulnerability is due to missing validation of buffer size and offset values during UUID generation, which allows an attacker to trigger silent partial writes into caller-provided buffers...

PT-2026-39020

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the btrfs component where the 'set received' ioctl can trigger a transaction abort due to an item overflow when adding the BTRFS UUID KEY RECEIVED SUBVOL. A user who...

CVE-2026-41907

A flaw was found in uuid. The library's versions v3, v5, and v6 do not adequately check the size of external memory buffers provided by applications. This oversight allows the library to write data beyond the designated buffer limits without signaling an error. Such out-of-bounds writes can lead ...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...

PT-2026-35547

Values produced by $random.value are not suitable for use as secrets. $random.uuid is not affected. $random.int and $random.long should never be used for secrets as they are numeric values with a predictable range. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15...

EUVD-2026-25652

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6teui64: reject invalid MAC header for all packets eui64mt6 derives a modified EUI-64 from the Ethernet source address and compares it with the low 64 bits of the IPv6 source address. The existing guard only rejects ...

UBUNTU-CVE-2026-41907

uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes small buf or large offset. This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0...

CVE-2026-41907

uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes small buf or large offset. This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0...

CVE-2026-31622 NFC: digital: Bounds check NFC-A cascade depth in SDD response handler

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...

EUVD-2026-25190

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

EUVD-2026-25164

OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when safeMode is enabled, unapproved forum posts are hidden from the public list, but the direct post-read procedure still returns the full post to anyone with the post UUID. Commit...

uuid 安全漏洞

uuid is a JavaScript module developed by UUID, which allows for the generation of RFC-compliant UUIDs in JavaScript. Versions of uuid prior to 14.0.0 contained security vulnerabilities. These vulnerabilities occurred due to the use of an external output buffer, and accidental writes could occur...

PT-2026-34639

Name of the Vulnerable Software and Affected Versions uuid versions prior to 14.0.0 Description Unexpected writes can occur when external output buffers are used and the UUID version is 3, 5, or 6. Recommendations Update to version 14.0.0 or later...

Vikunja 安全漏洞

Vikunja is an open-source to-do application developed by Vikunja. Versions of Vikunja prior to 2.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the CalDAV method, which did not verify the user’s access rights to task items when retrieving tasks by UID. This could allow...

GHSA-9P93-7J67-5PC2

creationtimestamp| type| source ---|---|--- 2026-04-09 23:30:23+00:00| published-proof-of-concept| Telegram/n2dd6XRjJv9G8jt1S2EaZawu98TdZ3-sGq35ZGwXZFcMAwI...

CVE-2026-31410

A flaw was found in ksmbd in the Linux kernel. This vulnerability occurs because ksmbd incorrectly uses a fallback identifier when a volume's Universal Unique Identifier UUID is not available in FSOBJECTIDINFORMATION. This could lead to improper volume identification...

HTTPS Fetch, Windows Command Shell, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/https/x86/shell/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...

HTTPS Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/https/x86/vncinject/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...