10 matches found
React Native Community CLI remote command execution
Added: 02/04/2026. Background: React Native is a framework for building mobile JavaScript applications. React Native Community CLI is a collection of command line tools that help developers build React Native mobile applications. Problem: A vulnerability in React Native Community CLI when running wi...
CLSA-2025-1752088672 buildah: Fix of CVE-2025-27144
CVE-2025-27144: fix vulnerability in go-jose dependency...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-9.fc42
Fast, reliable, and secure dependency management...
PT-2024-4386 · Composer +5
Name of the Vulnerable Software and Affected Versions: Composer versions prior to 2.2.24 and 2.7.7 Description: The issue is related to the incorrect neutralization of special elements in the getUnpushedChanges function of the Composer dependency manager for PHP. This can allow a remote attacker ...
Description of the security update for Office 2016: February 13, 2024 (KB5002519)
Description of the security update for Office 2016: February 13, 2024 (KB5002519). Summary: This security update resolves a Microsoft Outlook remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-21413. Note: To apply...
Description of the security update for Excel 2016: February 13, 2024 (KB5002536)
Description of the security update for Excel 2016: February 13, 2024 (KB5002536). Summary: This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-20673. Note: To apply thi...
Description of the security update for Office 2016: February 13, 2024 (KB5002469)
Description of the security update for Office 2016: February 13, 2024 (KB5002469). Summary: This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-20673. Note: To apply th...
GHSA-F44Q-634C-JVWV libp2p DoS vulnerability from lack of resource management
Impact: Versions older than v0.38.0 of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed ...
libp2p DoS vulnerability from lack of resource management
Impact: Versions older than v0.18.0 of go-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed ...
GHSA-MG85-8MV5-FFJR Denial of Service in ammo
All versions of ammo are vulnerable to Denial of Service. The Range HTTP header parser has a vulnerability which will cause the function to throw a system error if the header is set to an invalid value. Because hapi is not expecting the function to ever throw, the error is thrown all the way up t...