PT-2026-20367

Name of the Vulnerable Software and Affected Versions libp11-kit versions prior to 0.26.2-1.1 Description The software contains a NULL dereference issue occurring via the C DeriveKey function when provided with specific NULL parameters. Recommendations Update to libp11-kit version 0.26.2-1.1 or...

Missing Report of Error Condition

Overview Affected versions of this package are vulnerable to Missing Report of Error Condition via the ChargePoint::messagecallback function. An attacker can cause a crash by submitting JSON input exceeding 255 characters, which triggers an exception due to the StringTooLarge parameter being set ...

Input validation

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...

Design/Logic Flaw

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createcollation has a use-after-free...

Design/Logic Flaw

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createwindowfunction has a use-after-free...

Design/Logic Flaw

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createaggregatefunction has a use-after-free...

Design/Logic Flaw

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createscalarfunction has a use-after-free...

Rust rusqlite crate 资源管理错误漏洞

Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...