
11 matches found

NVD
added 2026/05/06 11:16 a.m. | 0 views

CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module (TPM) quote attestation instead of a...

CVSS 6.3 | EPSS 0.00016
Exploits: 0 | References: 2
CVE
added 2026/05/06 10:19 a.m. | 10 views

CVE-2026-6420

CVE-2026-6420 affects Keylime: a flaw in the verifier uses a hardcoded TPM quote nonce instead of a cryptographically random value. An attacker with root on an enrolled monitored machine where the Keylime agent runs can stockpile valid TPM quotes and replay them to evade detection after compromis...

CVSS 6.3 | AI score 5.8 | EPSS 0.00016
Exploits: 0 | References: 2
OSV
added 2026/04/14 12:5 a.m. | 2 views

GHSA-63X8-X938-VX33 SP1 V6 Recursion Circuit Row-Count Binding Gap

Summary: A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. Affected versions: = 6.0.0, = 6.0.2; Not affected: SP1 V5 all versions; Severity: High. Details: Background...

CVSS 8.9 | AI score 6 | EPSS 0.00011
Exploits: 0 | References: 4
RustSec
added 2026/01/21 12:0 p.m. | 4 views

Triton VM Soundness Vulnerability due to Improper Sampling of Randomness

In affected versions of Triton VM, the verifier failed to correctly sample randomness in the FRI sub-protocol. Malicious provers can exploit this to craft proofs for arbitrary statements that this verifier accepts as valid, undermining soundness. Protocols that rely on proofs and the supplied...

AI score 5.7
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002637 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact ...

CVSS 7.8 | AI score 7.2 | EPSS 0.00123
Exploits: 0 | References: 6
vulnersOsv
added 2025/04/09 1:1 p.m. | 1 views

ibc (>=0.11.0 <=0.19.0), ibc-client-tendermint (>=0.48.0 <=0.55.1) +11 more potentially affected by unknown CVE via tendermint-light-client-verifier (>=0.23.5 <=0.38.1)

tendermint-light-client-verifier CARGO version =0.23.5, =0.11.0, =0.48.0, =0.48.0, =0.11.0, =0.11.0, =0.11.0, =0.11.0, =0.15.0, =0.1.0, =0.23.5, =0.32.0, =0.23.0, =0.1.0, =0.1.0-pre.1 Source cves: unknown CVE Source advisory: OSV:GHSA-6JRF-4JV4-R9MW...

AI score 5.8
Exploits: 0
OSV
added 2025/01/15 9:25 p.m. | 1 views

GHSA-C873-WFHP-WX5M SP1 has missing verifier checks and fiat-shamir observations

In SP1’s STARK verifier, the prover-provided chipordering is used to fetch the index of the chips that have preprocessed columns. Prior to v4.0.0, the validation that this chipordering correctly provides these indexes was missing. In v4.0.0, this was fixed by adding a check that the indexed chip’...

AI score 7
Exploits: 0 | References: 2
OSV
added 2022/02/04 11:15 p.m. | 1 views

DEBIAN-CVE-2022-0264

A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...

CVSS 5.5 | AI score 6.6 | EPSS 0.00087
Exploits: 0 | References: 1
CNVD
added 2017/12/25 12:0 a.m. | 2 views

Linux kernel denial of service vulnerability (CNVD-2017-38509)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in kernel/bpf/verifier.c in Linux kernel version 4.14.8 and earlier. A local...

CVSS 7.8 | AI score 7.4 | EPSS 0.00132
Exploits: 0 | References: 1
hackapp
added 2016/04/01 9:13 a.m. | 6 views

physiopraxis - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application physiopraxis published at the 'play' market has multiple vulnerabilities...

AI score 0.3
Exploits: 0 | References: 1 | Affected Software: 1
NVD
added 1996/03/29 5:0 a.m. | 7 views

CVE-1999-0141

Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet...

CVSS 3.7 | EPSS 0.00108
Exploits: 0 | References: 1