3010 matches found
CVE-2026-41431 Zen Browser MAR updater ships with signature verification removed — unsigned updates accepted
Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...
EUVD-2026-29119
Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...
CVE-2026-41431
Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...
CVE-2026-41431
Zen Browser ships a MAR updater (org.mozilla.updater) with signature verification removed, leaving MAR files unsigned and the updater without verification code. Prior to version 1.19.9b, this enables arbitrary unsigned updates if the update server or GitHub release pipeline is compromised. The is...
SUSE CVE-2026-43405
In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in ceph_monmap_decode This patch fixes unnecessary implicit conversions that change signedness of blob_len and num_mon in ceph_monmap_decode. Currently blob_len and num_mon are signed int variable...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017520)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017520 advisory. In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...
Zen data forgery vulnerability
Zen is an open-source productivity browser based on Firefox. Versions of Zen prior to 1.19.9b contained a data manipulation vulnerability. This vulnerability stemmed from the removal of all MAR signature verifications from the Firefox code base, resulting in MAR files containing zero encrypted...
PT-2026-39659
Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...
PT-2026-39865
Name of the Vulnerable Software and Affected Versions Outline versions prior to 1.7.1 Description The Slack integration callback for the endpoint "/auth/slack.post" accepts an unsigned, session-independent OAuth state value. This allows a third party with a Slack OAuth code for the same Outline...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017623)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017623 advisory. In RestoreMSCWarning of /coders/pdf.c there are several areas where calls to GetPixelIndex could result in values outside the range of representable for the unsigned...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017571)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017571 advisory. A floating point math calculation in ScaleAnyToQuantum of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of...
Outline cross-site request forgery vulnerability
Outline is an open-source knowledge base developed by Outline. Versions prior to Outline 1.7.1 contained a cross-site request forgery vulnerability. This vulnerability stemmed from the Slack integration callback accepting unsigned OAuth state values, which could allow third parties to link user...
Signed to Unsigned Conversion Error
Overview Affected versions of this package are vulnerable to Signed to Unsigned Conversion Error via the parseuri process. An attacker can cause requests to be sent to unintended ports by exploiting port truncation through manipulation of the URI, potentially leading to unauthorized network acces...
EUVD-2026-28711
In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in ceph_monmap_decode This patch fixes unnecessary implicit conversions that change signedness of blob_len and num_mon in ceph_monmap_decode. Currently blob_len and num_mon are signed int variable...
EUVD-2026-28625
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...
EUVD-2026-28600
In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: Check for out of bounds chipid Clang with CONFIG_UBSAN_SHIFT=y noticed a condition where a signed type literal "1" is an "int" could end up being shifted beyond 32 bits, so instrumentation was added and due to the...
CVE-2026-43405
In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in ceph_monmap_decode This patch fixes unnecessary implicit conversions that change signedness of blob_len and num_mon in ceph_monmap_decode. Currently blob_len and num_mon are signed int variable...