libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the asn1expendoctetstring function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service DoS condition, making the...

GHSA-F4XH-W4CJ-QXQ8 vulnerabilities

Vulnerabilities for packages: py3-langsmith...

CVE-2026-44974 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

GHSA-36HH-X5P5-JGC8 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

CVE-2026-55602 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines...

GHSA-64MM-VXMG-Q3VJ vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines...

CVE-2026-41579 vulnerabilities

Vulnerabilities for packages: rancher-agent, node-feature-discovery, nvidia-container-toolkit, sriov-network-device-plugin, k8s-device-plugin...

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

CVE-2026-57053

GNU libidn before 1.44 is prone to out-of-bounds reads ofuninitialized...

CVE-2026-56968

GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsas...

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

GHSA-M25M-5778-FM22 vulnerabilities

Vulnerabilities for packages: grafana-fips...

CVE-2020-12459 vulnerabilities

Vulnerabilities for packages: grafana-fips...

EUVD-2026-38436

Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server nuxt dev on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivileged co-resident users can exploit t...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...