
4 matches found

OSV
added 2026/03/20 8:34 p.m., 2 views

GHSA-394X-VWMW-CRM3 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

Summary: AWS-LC is an open-source, general-purpose cryptographic library. Impact: A logic error in CN (Common Name) validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid D...

8.2 CVSS, 5.9 AI score
Exploits: 0, References: 3
Tenable Nessus
added 2026/03/16 12:0 a.m., 4 views

EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2026-1552)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that...

6.3 CVSS, 6 AI score, 0.00067 EPSS
Exploits: 3, References: 5
OSV
added 2026/01/07 8:0 a.m., 1 views

CURL-CVE-2025-14017 broken TLS options for threaded LDAPS

When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...

6.3 CVSS, 6.8 AI score, 0.00003 EPSS
Exploits: 0
Veracode
added 2025/11/10 5:51 a.m., 3 views

Denial Of Service (DoS)

Authlib is vulnerable to Denial-Of-Service via Oversized JWS/JWT. The vulnerability is due to Authlib accepting base64url-encoded header or signature inputs of unbounded size, allowing attackers to send tokens with huge encoded header/signature fields that exhaust CPU and memory during verificati...

7.5 CVSS, 7 AI score, 0.00424 EPSS
Exploits: 1, References: 5, Affected Software: 1