❌

Lees weergave

CVE-2026-41140 Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4

Microsoft Security

4 Juni 2026 om 10:41

Information published.

CVE-2026-35414 OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

Microsoft Security

4 Juni 2026 om 10:40

Information published.

CVE-2025-1149 GNU Binutils ld xmalloc.c xstrdup memory leak

Microsoft Security

4 Juni 2026 om 10:39

Information published.

CVE-2026-9149 Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file

Microsoft Security

4 Juni 2026 om 10:45

Information published.

CVE-2026-9150 Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

Microsoft Security

4 Juni 2026 om 10:45

Information published.

CVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

Microsoft Security

4 Juni 2026 om 10:45

Information published.

CVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html

Microsoft Security

4 Juni 2026 om 10:45

Information published.

CVE-2026-42506 Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html

Microsoft Security

4 Juni 2026 om 10:45

Information published.

CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html

Microsoft Security

4 Juni 2026 om 10:44

Information published.

CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh

Microsoft Security

4 Juni 2026 om 10:44

Information published.

CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

Microsoft Security

4 Juni 2026 om 10:44

Information published.

CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html

Microsoft Security

4 Juni 2026 om 10:43

Information published.

CVE-2026-42502 Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html

Microsoft Security

4 Juni 2026 om 10:43

Information published.

CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

Microsoft Security

4 Juni 2026 om 10:42

Information published.

CVE-2026-43964 Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.

Microsoft Security

4 Juni 2026 om 10:42

Information published.