11131 matches found

RedHat Linux
added 2026/05/19 9:4 a.m. | 5 views

kernel: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto(). syzbot found a potential access to uninit-value in nf_flow_pppoe_proto(). Blamed commit forgot the Ethernet header. BUG: KMSAN: uninit-value in...

CVSS 5.5 | AI score 6.3 | EPSS 0.00146
Exploits: 0 | References: 5
NVD
added 2026/05/19 8:16 a.m. | 14 views

CVE-2026-47313

Memory allocation with excessive size value vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVSS 7.5 | EPSS 0.00266
Exploits: 0 | References: 1
ATTACKERKB
added 2026/05/19 6:28 a.m. | 6 views

CVE-2026-47313

Memory allocation with excessive size value vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVSS 5.5 | AI score 5.8 | EPSS 0.00266
Exploits: 0 | References: 2
Vulnrichment
added 2026/05/19 6:28 a.m. | 7 views

CVE-2026-47313

Memory allocation with excessive size value vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVSS 5.5 | AI score 5.8 | EPSS 0.00266
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/19 12:0 a.m. | 5 views

PT-2026-42028

Name of the Vulnerable Software and Affected Versions: libp2p versions prior to 16.2.6. Description: An unauthenticated remote peer can cause disk storage exhaustion on any @libp2p/kad-dht node operating in server mode. This occurs when an attacker sends an unbounded stream of PUT VALUE messages usi...

CVSS 7.5 | AI score 5.5 | EPSS 0.00354
Exploits: 0 | References: 7
Snyk
added 2026/05/18 9:0 p.m. | 6 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

CVSS 9.8 | AI score 5.9
Exploits: 0 | References: 2
OSV
added 2026/05/18 5:48 p.m. | 6 views

GHSA-VHRH-72HQ-W8M7 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...

CVSS 5.7 | AI score 5.9 | EPSS 0.00137
Exploits: 0 | References: 3
Snyk
added 2026/05/18 5:23 p.m. | 6 views

Improper Neutralization of Special Elements Used in a Template Engine

Overview: Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the submission handling process for Hidden fields with the Default value set to Custom. An attacker can execute arbitrary server-side code by submitting crafted...

CVSS 9.8 | AI score 6.1 | EPSS 0.00475
Exploits: 0 | References: 4
Snyk
added 2026/05/18 9:44 a.m. | 2 views

Memory Allocation with Excessive Size Value

Overview: Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the 7zip file upload process. An attacker can exhaust server memory resources by uploading a specially crafted 7zip archive containing excessive folder declarations. Remediation: Upgrade...

CVSS 6.5 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 2
OSV
added 2026/05/18 5:39 a.m. | 3 views

BIT-ETCD-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

CVSS 4.3 | AI score 5.8 | EPSS 0.00225
Exploits: 0 | References: 2
Fedora
added 2026/05/18 12:59 a.m. | 19 views

[SECURITY] Fedora 43 Update: valkey-8.1.7-1.fc43

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVSS 8.8 | AI score 5.8 | EPSS 0.0095
Exploits: 4
OSV
added 2026/05/18 12:15 a.m. | 6 views

OSV-2024-1464 Use-of-uninitialized-value in Splash::compositeBackground

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513891492 | Crash type: Use-of-uninitialized-value | Crash state: Splash::compositeBackground, SplashOutputDev::setSoftMask, Gfx::doSoftMask...

AI score 5.8
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/18 12:0 a.m. | 11 views

PT-2026-41776

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: An invalid connected-components:keep-top value can lead to a heap buffer over-read during the connected components operation. A heap buffer over-read occurs when...

CVSS 5.7 | AI score 5.9 | EPSS 0.00137
Exploits: 0 | References: 33
RubySec
added 2026/05/18 12:0 a.m. | 10 views

ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351

JWT.decode(token, '', true, algorithm: 'HS256') accepts an attacker-forged token. OpenSSL::HMAC.digest('SHA256', '', payload) returns a valid digest under an empty key, and no "raise InvalidKeyError if key.empty?" precondition exists in the HMAC algorithm. JWT.decode(token, "", true, algorithm: 'HS256') ...

CVSS 9.1 | AI score 5.7 | EPSS 0.00236
Exploits: 0 | References: 1 | Affected Software: 1
GithubExploit
added 2026/05/17 6:52 p.m. | 78 views

kv-cache-side-channel-poc

KV Cache Side-Channel: Cross-Tenant Timing Oracle Proof of co...

AI score 5.8
Exploits: 0
Microsoft CVE
added 2026/05/17 8:1 a.m. | 8 views

etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

...

CVSS 6.5 | AI score 5.8 | EPSS 0.00225
Exploits: 0
CNNVD
added 2026/05/17 12:0 a.m. | 9 views

Net::Statsd::Tiny injection vulnerability

Net::Statsd::Tiny is a lightweight StatsD client developed by Robert Rothenberg, which supports the aggregation of multiple metrics. Versions of Net::Statsd::Tiny prior to 0.3.8 had an injection vulnerability. This vulnerability stemmed from the lack of checks for line breaks, colons, or vertical...

CVSS 8.2 | AI score 5.8 | EPSS 0.00331
Exploits: 0 | References: 2
Debian CVE
added 2026/05/16 11:21 p.m. | 8 views

CVE-2026-8723

Summary: qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. The throw is synchronous and not handled by any of qs's null-related options (skipNulls, strictNullHandling). Details: In the comma + encodeValuesOnly...

CVSS 6.3 | AI score 5.9 | EPSS 0.00267
Exploits: 0
NVD
added 2026/05/15 3:16 a.m. | 12 views

CVE-2025-0028

An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address, potentially resulting in loss of confidentiality, integrity, or availability...

CVSS 8.3 | EPSS 0.00104
Exploits: 0 | References: 1
NVD
added 2026/05/15 3:16 a.m. | 13 views

CVE-2025-29938

An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to write to an arbitrary memory address, resulting in denial of service or arbitrary code execution...

CVSS 7.1 | EPSS 0.00114
Exploits: 0 | References: 1