Tag
A heap use-after-free vulnerability has been reported in the OpenSSL PKCS7_verify() function, potentially allowing attackers to exploit memory corruption.
A single faulty character in the Linux kernel introduced a use-after-free vulnerability (CVE-2026-53111) allowing unprivileged users to escalate privileges to root on Debian and Ubuntu systems; the bug has been fixed and backported.
Marcelo Trylesinski shares his perspective on CVE-2026-48710, a security vulnerability in Starlette involving path-based authorization bypass via manipulated Host headers. He argues the vulnerability stems from application patterns and deployment, not the framework itself.
A critical host-header authentication bypass vulnerability (CVE-2026-48710) in Starlette and FastAPI affects many Python ASGI applications, including AI inference servers (e.g., vLLM), AI proxy servers (e.g., LiteLLM), and MCP gateways, potentially allowing unauthorized access.
A critical vulnerability (CVE-2026-48710, named BadHost) in the open-source ASGI framework Starlette exposes millions of AI agents and servers to potential data theft and credential compromise, affecting frameworks like FastAPI, vLLM, and LiteLLM. Patched in Starlette 1.0.1, the flaw is trivial to exploit and underscores risks in the AI tooling ecosystem.
Apple released security updates for macOS Tahoe 26.5 addressing multiple vulnerabilities including kernel bugs, denial-of-service, and sandbox escapes. The update includes fixes for CVEs discovered by various researchers, one of which (CVE-2026-28952) was reportedly found by Claude AI.
The article introduces the Agent Vulnerability Enumeration (AVE) record as a new standard designed to address the inadequacies of CVE for AI agent vulnerabilities, covering scoring, detection, and standardization challenges specific to agentic AI.
A security researcher discovered CVE-2026-46529, a 10-year-old remote code execution vulnerability in Linux PDF viewers XReader, Evince, and Atril, caused by insufficient argument quoting when spawning child processes to open remote document links.
Qualys discloses a logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333), allowing local privilege escalation and information disclosure. The vulnerability, present since 2016, affects multiple distributions; Qualys developed four proof-of-concept exploits.
CVE-2026-40369 describes a vulnerability in the Windows kernel's NtQuerySystemInformation function that allows an arbitrary kernel address increment, enabling privilege escalation from unprivileged processes, including the Chrome sandbox. The exploit is deterministic on Windows 11 24H2-25H2.
PostgreSQL has released security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, fixing 11 CVEs and over 60 bugs. Notable fixes include CVE-2026-6473 (integer wraparound, CVSS 8.8) and CVE-2026-6475 (symlink overwrite, CVSS 8.8).
A critical heap buffer overflow vulnerability in Nginx's rewrite module (CVE-2026-42945) allows unauthenticated remote code execution, with a proof-of-concept exploit released. The bug affects Nginx versions from 0.6.27 to 1.30.0 and various Nginx Plus releases.
Researchers used an autonomous system to discover a critical heap buffer overflow vulnerability in NGINX's rewrite module (CVE-2026-42945), present since 2008, enabling remote code execution. Multiple CVEs were confirmed by NGINX.
Six serious security vulnerabilities (CVEs) have been identified in dnsmasq, affecting most non-ancient versions. Simon Kelley has released version 2.92rel2 with patches and announced plans for an imminent 2.93 release to address these long-standing bugs.
The article discusses how AI models like Claude Mythos, Big Sleep, and Microsoft Copilot are increasingly discovering CVEs, and how Nix/Flox provides a declarative package management solution that reduces CVE triage complexity from O(n) to O(u) through dependency set deduplication.
CVE-2026-31431 (Copy Fail) is a local privilege escalation vulnerability in the Linux kernel affecting all major distributions since 2017, allowing unprivileged users to gain root shell access through a deterministic 4-byte write to any readable file's page cache via the AF_ALG crypto subsystem.
Vulnerability Garden is a curated list of named vulnerabilities, attack techniques, and exploits, providing references and dates for each entry.
Security researcher Lachlan discovered and reported a critical remote code execution vulnerability dubbed "React2Shell" in React's Server Components protocol to Meta on November 30, 2025. Meta released a fix and public advisory (CVE-2025-55182) on December 3, urging developers to update immediately as the vulnerability affected millions of websites built with React/Next.js.
Copy Fail 2 is a proof-of-concept exploit for an unprivileged Linux Local Privilege Escalation (LPE) vulnerability in the kernel's xfrm subsystem, allowing attackers to gain root access on modern distributions.
LemmaScript is a new toolchain that compiles TypeScript to Dafny for formal verification without altering the runtime, demonstrated by proving a CVE fix in the Hono framework.