GHSA-H9CC-W26M-J342 nimiq-keys: Denial of service in Ed25519 multisig delinearization via invalid curve points

Impact A denial-of-service vulnerability exists in the Ed25519 multisig delinearization code path. Ed25519PublicKey::delinearize in keys/src/multisig/mod.rs called .unwrap on curve point decompression, which panics when a public key is constructed from 32 bytes that do not represent a valid point...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a runtime panic condition in Go JOSE [CVE-2026-34986]

Summary IBM Watson Speech Services Cartridge is vulnerable to a runtime panic condition in Go JOSE, due to an issue occuring when cipher.KeyUnwrap in keywrap.go attempts to allocate a slice with a zero or negative length based on the length of the encryptedkey CVE-2026-34986. Go JOSE is used as...

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

RHEL 10 : edk2 (RHSA-2026:18320)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18320 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

CVE-2026-42545 Granian: DoS via WSGI response header panic

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

PT-2026-38269

Name of the Vulnerable Software and Affected Versions Granian versions 0.2.0 through 2.7.3 Description Granian aborts a worker process when a WSGI application returns an invalid HTTP response header name or value. This occurs because the WSGI response conversion path utilizes .unwrap on both head...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: feem: Fixed a memory leak in eemunwrap The existing code did not handle the failure case of usbepqueue in the command path, potentially leading to memory leaks. Error handling was improved to free all allocated...

Astra Linux - уязвимость в heimdal, samba

A heap-based buffer overflow vulnerability was discovered in Samba, within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow for a length-limited write buffer overflow on memory allocated by malloc, when a...

CVE-2026-41390

CVE-2026-41390 affects OpenClaw prior to 2026.3.28. The vulnerability is an exec allowlist bypass where allow-always persistence does not unwrap wrappers (e.g., /usr/bin/script) before storing trust decisions, enabling a user-approved wrapped command to persist trust for a wrapper that later exec...

Linux Distros Unpatched Vulnerability : CVE-2026-41678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that...

CVE-2026-41678

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. A remote attacker could exploit an incorrect assertion in the aes::unwrapkey function. This flaw causes the function to incorrectly validate buffer sizes, allowing a smaller output buffer tha...

CVE-2026-41678

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

CVE-2026-41678 rust-openssl: Incorrect bounds assertion in aes key wrap

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

CVE-2026-41678

CVE-2026-41678 affects rust-openssl bindings. The aes::unwrap_key() function contains an inverted assertion (out.len() + 8 = in_.len() - 8, allowing potential out-of-bounds writes when buffers are smaller than required. This vulnerability is limited to versions before 0.10.78; 0.10.78 fixes the i...

EUVD-2026-25584

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

CVE-2026-31617

The CVE affects the Linux kernel USB Network Control Model (NCM) gadget driver (usb: gadget: f_ncm). A missing lower bound on block_len checks for NTB headers allows an underflow in ndp_index and datagram offset calculations when block_len ndp_size or dpe_size. This can let a malicious USB host c...

CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

PT-2026-34969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ncm unwrap ntb function where the block len read from the host-supplied NTB header lacks a lower bound check. When block len is smaller than opts-ndp size, the...