CVE-2026-3833
- EPSS 0.57%
- Veröffentlicht 30.04.2026 17:37:05
- Zuletzt bearbeitet 30.06.2026 03:19:14
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees...
CVE-2026-6732
- EPSS 0.63%
- Veröffentlicht 23.04.2026 22:19:34
- Zuletzt bearbeitet 30.06.2026 20:16:50
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious d...
CVE-2026-6846
- EPSS 0.17%
- Veröffentlicht 22.04.2026 08:37:14
- Zuletzt bearbeitet 01.07.2026 13:17:51
A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious fi...
CVE-2026-6844
- EPSS 0.1%
- Veröffentlicht 22.04.2026 08:37:09
- Zuletzt bearbeitet 20.05.2026 14:00:12
A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource ex...
- EPSS 0.14%
- Veröffentlicht 22.04.2026 07:54:19
- Zuletzt bearbeitet 02.07.2026 22:16:43
A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. T...
CVE-2026-1584
- EPSS 1.38%
- Veröffentlicht 09.04.2026 18:16:44
- Zuletzt bearbeitet 30.06.2026 03:17:18
A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL point...
- EPSS 0.13%
- Veröffentlicht 07.04.2026 16:34:10
- Zuletzt bearbeitet 30.06.2026 07:16:31
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, a...
CVE-2026-5745
- EPSS 0.16%
- Veröffentlicht 07.04.2026 14:57:31
- Zuletzt bearbeitet 03.05.2026 15:15:58
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without...
CVE-2026-5704
- EPSS 0.43%
- Veröffentlicht 06.04.2026 15:17:27
- Zuletzt bearbeitet 22.04.2026 20:08:59
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allo...
CVE-2026-3184
- EPSS 0.44%
- Veröffentlicht 03.04.2026 18:43:45
- Zuletzt bearbeitet 01.05.2026 19:29:51
A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a s...