CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2026-6530 - Heap-based Buffer Overflow in Wireshark

CVE ID: CVE-2026-6530
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6531 - Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

CVE ID: CVE-2026-6531
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6532 - Buffer Over-read in Wireshark

CVE ID: CVE-2026-6532
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6533 - Improperly Controlled Sequential Memory Allocation in Wireshark

CVE ID: CVE-2026-6533
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6534 - Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

CVE ID: CVE-2026-6534
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6535 - Improperly Controlled Sequential Memory Allocation in Wireshark

CVE ID: CVE-2026-6535
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6536 - Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

CVE ID: CVE-2026-6536
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4
Severity: 5.5 | MEDIUM
CVE-2026-6537 - Stack-based Buffer Overflow in Wireshark

CVE ID: CVE-2026-6537
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6538 - Stack-based Buffer Overflow in Wireshark

CVE ID: CVE-2026-6538
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6867 - Improperly Controlled Sequential Memory Allocation in Wireshark

CVE ID: CVE-2026-6867
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6869 - Improperly Controlled Sequential Memory Allocation in Wireshark

CVE ID: CVE-2026-6869
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-6870 - Access of Uninitialized Pointer in Wireshark

CVE ID: CVE-2026-6870
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Severity: 5.5 | MEDIUM
CVE-2026-7270 - Local privilege escalation via execve()

CVE ID: CVE-2026-7270
Published: April 30, 2026, 7:16 a.m. | 28 minutes ago
Description: An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges.
Severity: 0.0 | NA
CVE-2026-7164 - pf can overflow the stack parsing crafted SCTP packets

CVE ID: CVE-2026-7164
Published: April 30, 2026, 8:16 a.m. | 3 hours, 33 minutes ago
Description: Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.
Severity: 0.0 | NA
CVE-2026-22070 - ColorOS Assistant Path Traversal Vulnerability

CVE ID: CVE-2026-22070
Published: April 30, 2026, 9:16 a.m. | 2 hours, 33 minutes ago
Description: ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal.
Severity: 7.1 | HIGH
CVE-2026-35547 - Heap overflow in libnv

CVE ID: CVE-2026-35547
Published: April 30, 2026, 9:16 a.m. | 2 hours, 33 minutes ago
Description: When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to exploit the bug to elevate their privileges.
Severity: 0.0 | NA
CVE-2026-39457 - Stack overflow via select() file descriptor set overflow

CVE ID: CVE-2026-39457
Published: April 30, 2026, 9:16 a.m. | 2 hours, 33 minutes ago
Description: When exchanging data over a socket, libnv uses select(2) to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select(2)'s file descriptor set size limit of FD_SETSIZE (1024). An attacker who is able to force a libnv application to allocate large file descriptors, e.g., by opening many descriptors and executing a program which is not careful to close them upon startup, can trigger stack corruption. If the target application is setuid-root, then this could be used to elevate local privileges.
Severity: 0.0 | NA
CVE-2026-42512 - Remotely triggerable out-of-bounds heap write in dhclient

CVE ID: CVE-2026-42512
Published: April 30, 2026, 9:16 a.m. | 2 hours, 33 minutes ago
Description: As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun. A specially crafted packet can cause dhclient to overrun its buffer of environment entries. This can result in a crash, but it may be possible to leverage this bug to achieve remote code execution.
Severity: 0.0 | NA
CVE-2026-42799 - Out-of-bounds read in ulp

CVE ID: CVE-2026-42799
Published: April 30, 2026, 9:16 a.m. | 2 hours, 33 minutes ago
Description: Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects Kestrel: before 2026/02/10.
Severity: 7.4 | HIGH
CVE-2026-41016 - Apache Airflow Providers SMTP: No certificate validation on SMTP STARTTLS connections in SMTP provider

CVE ID: CVE-2026-41016
Published: April 30, 2026, 10:16 a.m. | 1 hour, 33 minutes ago
Description: Apache Airflow's SMTP provider `SmtpHook` called Python's `smtplib.SMTP.starttls()` without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS upgrade, and capture the SMTP credentials sent during the subsequent `login()` call. Users are advised to upgrade to the `apache-airflow-providers-smtp` version that contains the fix.
Severity: 0.0 | NA
CVE-2026-42800 - Dereference after null check in ims_client sip

CVE ID: CVE-2026-42800
Published: April 30, 2026, 10:16 a.m. | 1 hour, 33 minutes ago
Description: NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/sipuri.c.
Severity: 7.4 | HIGH