CVE-2025-68756

In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...

UBUNTU-CVE-2025-68756

In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...

Malicious Package

Overview github-badge-bot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview utif-updated is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview @airtel-web/legos is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview @airtel-web/clickstream is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

EUVD-2026-0706

A vulnerability was detected in UTT 进取 512W 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formFtpServerShareDirSelcet. Performing manipulation of the argument oldfilename results in buffer overflow. The attack can be initiated remotely. The exploit is now public...

libpcap 1.10.6

Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump...

EUVD-2025-206110

To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...

PT-2026-7113

Name of the Vulnerable Software and Affected Versions Recursor affected versions not specified Description Improperly crafted zones may cause increased resource consumption. Additionally, crafted CNAME chains can lead to cache poisoning within the Recursor. Recommendations At the moment, there is...

PT-2026-6172

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the arm64/fpsimd component related to the restoration of SVE context when SME is supported. Restoring SVE signal context can lead to an invalid state,...

PT-2026-25380

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.37.2 Description cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. When a cpp-httplib client is configured with a proxy and set follow locationtrue, HTTPS redirects can silently...

PT-2026-26191

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.9.1 Description pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to create a malicious PDF that can cause prolonged runtimes and/or significant memory usage...

PT-2026-27134

Name of the Vulnerable Software and Affected Versions github.com/antchfx/xpath affected versions not specified Description A flaw exists in the github.com/antchfx/xpath component that allows a remote attacker to cause a Denial of Service DoS condition. This is achieved by submitting crafted Boole...

PT-2026-25910

Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...

PT-2026-28367

Name of the Vulnerable Software and Affected Versions Dovecot versions prior to 2.4.3-1.1 Description A mail message with a large number of RFC 2231 MIME parameters can cause excessive CPU usage in LMTP. A specially crafted message can lead to significant CPU time consumption during mail delivery...

Malicious Package

Overview @vietmoney/vietmoneywork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview @vietmoney/react-big-calendar is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview @vietmoney/react-native-image-transformer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

Malicious Package

Overview @vietmoney/react-native-action-button is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...