CVE-2026-4647
- EPSS 0.17%
- Veröffentlicht 23.03.2026 13:37:44
- Zuletzt bearbeitet 30.06.2026 15:16:57
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not prop...
CVE-2026-4426
- EPSS 0.31%
- Veröffentlicht 19.03.2026 13:53:39
- Zuletzt bearbeitet 03.05.2026 21:16:11
A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by suppl...
CVE-2026-4424
- EPSS 0.88%
- Veröffentlicht 19.03.2026 13:50:27
- Zuletzt bearbeitet 30.06.2026 03:20:32
A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can expl...
CVE-2026-4271
- EPSS 0.83%
- Veröffentlicht 17.03.2026 11:14:21
- Zuletzt bearbeitet 19.05.2026 22:16:38
A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause a...
CVE-2026-3632
- EPSS 0.21%
- Veröffentlicht 17.03.2026 09:44:19
- Zuletzt bearbeitet 19.03.2026 19:56:43
A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker coul...
CVE-2026-3633
- EPSS 0.22%
- Veröffentlicht 17.03.2026 09:44:19
- Zuletzt bearbeitet 19.03.2026 19:53:34
A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) inject...
CVE-2026-3634
- EPSS 0.18%
- Veröffentlicht 17.03.2026 09:44:19
- Zuletzt bearbeitet 19.03.2026 19:52:33
A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. Th...
CVE-2026-3441
- EPSS 0.18%
- Veröffentlicht 15.03.2026 00:19:07
- Zuletzt bearbeitet 30.06.2026 15:16:55
A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCO...
CVE-2026-3442
- EPSS 0.25%
- Veröffentlicht 15.03.2026 00:19:02
- Zuletzt bearbeitet 30.06.2026 15:16:56
A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious X...
CVE-2026-3497
- EPSS 2.18%
- Veröffentlicht 12.03.2026 18:27:44
- Zuletzt bearbeitet 30.06.2026 03:19:13
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconn...