2557 matches found
EUVD-2025-210418
picklescan before 0.0.33 fails to detect unsafe deserialization when numpy.f2py.crackfortran functions call eval on arbitrary strings. Attackers can embed malicious code in pickle files that executes when loaded from untrusted sources...
CVE-2025-71362
picklescan before 0.0.33 fails to detect unsafe deserialization when numpy.f2py.crackfortran functions call eval on arbitrary strings. Attackers can embed malicious code in pickle files that executes when loaded from untrusted sources...
CVE-2026-57451
A flaw in Vim allows an attacker to cause a Denial of Service DoS via an application crash. If a user opens a maliciously crafted undo file, an out-of-bounds read is triggered in the gettextprops function due to missing length validation on property counts. Mitigation Users are advised to avoid...
CVE-2026-44018
A flaw was found in Docling, a tool for document processing. The METS-GBS backend, responsible for parsing XML and detecting document formats, lacked sufficient security controls. This allowed an attacker to create specially crafted METS-GBS archives. When these archives were processed, they coul...
CVE-2026-57081
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...
EUVD-2026-40290
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...
PT-2026-53915
Name of the Vulnerable Software and Affected Versions OpenAPI.NET versions 2.0.0-preview11 through 2.7.4 OpenAPI.NET versions 3.0.0 through 3.5.3 Description An issue in the parsing of OpenAPI documents can lead to process termination due to a stack overflow when a document contains a circular...
GHSA-44HJ-4M45-FRJ3 Fluentd is Vulnerable to Remote Code Execution (RCE) via Arbitrary File Write in `${tag}` Placeholder
Fluentd allows dynamically constructing file paths using the $tag placeholder. It was discovered that validation for this placeholder was insufficient. If a Fluentd instance is configured to receive logs from untrusted sources and uses the $tag placeholder in file configurations such as the path...
PT-2026-53002
Name of the Vulnerable Software and Affected Versions Fluentd versions prior to 1.19.3 Description Insufficient validation of the $tag placeholder allows for the dynamic construction of file paths that can be manipulated. If an instance is configured to receive logs from untrusted sources and use...
GO-2026-5052 Vulnerability in software.sslmate.com/src/go-pkcs12
Users who decode PKCS12 files from untrusted sources and rely on the password for authentication can be tricked into accepting malicious PKCS12 files...
Astra Linux – Vulnerability in docker.io-app
BuildKit is a toolkit for converting source code into build artifacts in an efficient, expressive, and repeatable manner. Two malicious build steps running in parallel, which share the same cache mounts for subpaths, could cause a race condition that allows files from the host system to be...
Astra Linux – Vulnerability in Flatpak
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Starting from version 0.9.4 and before version 1.10.2, Flatpak has a vulnerability in its “file forwarding” feature, which can be exploited by attackers to gain access to files that would normally...
CVE-2026-11463
A security flaw has been identified in the USCiLab Cereal library that could affect the security and stability of applications utilizing it. Mitigation Since the vulnerability is triggered by processing malicious payloads, immediately restrict network access or input mechanisms that allow...
Duplicate Advisory: picklescan missing detection by simple obfuscation of a `builtins.eval` call
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9m3x-qqw2-h32h. This link is maintained to preserve external references. Original Description picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute...
Improper Restriction of Names for Files and Other Resources
Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Improper Restriction of Names for Files and Other Resources via insufficient sanitization of file extensions during the file download. An attacker can cause arbitrary...
CVE-2026-47750
stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the GLOBAL opcode...
CVE-2026-47749
stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. Versions prior to master-584-0a7ae07 are vulnerable to heap buffer overflow in SHORTBINUNICODE parsing for PyTorch checkpoint files. The pickle .ckpt pars...
CVE-2026-47750
The CVE-2026-47750 issue affects stable-diffusion.cpp in its pickle (.ckpt) parser (src/model.cpp). A heap buffer overflow occurs in the GLOBAL opcode handler due to missing validation while locating newline-delimited fields; a crafted .ckpt from an untrusted source can cause the parser to copy w...
Symlink Attack
Overview langchain-anthropic is an Integration package connecting Claude Anthropic APIs and LangChain Affected versions of this package are vulnerable to Symlink Attack via the file-search middleware and loaders that resolve filesystem paths and search patterns without confining the resolved path...
CVE-2026-6039
A flaw was found in LibreOffice. This vulnerability, a heap buffer overflow, occurs when processing specially crafted DXF Drawing Exchange Format polyline files. An attacker could exploit this by convincing a user to open a malicious DXF file, which may lead to a denial of service DoS due to...