π¨ CVE-2025-71340
picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in __reduce__ methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load(), enabling supply chain attacks on PyTorch models and saved Python objects. This is fixed in version 0.0.30.
π@cveNotify
picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in __reduce__ methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load(), enabling supply chain attacks on PyTorch models and saved Python objects. This is fixed in version 0.0.30.
π@cveNotify
GitHub
Missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcode
### Summary
Using idlelib.pyshell.ModifiedInterpreter.runcode function, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes i...
Using idlelib.pyshell.ModifiedInterpreter.runcode function, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes i...
π¨ CVE-2026-11703
Missing SNI/ALPN binding on stateful (session-ID) resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual hosts, carry the cached peer-authentication state into a context it was not established for. Resumption now verifies the SNI/ALPN binding for all paths and declines (falling back to a full handshake) on mismatch.
π@cveNotify
Missing SNI/ALPN binding on stateful (session-ID) resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual hosts, carry the cached peer-authentication state into a context it was not established for. Resumption now verifies the SNI/ALPN binding for all paths and declines (falling back to a full handshake) on mismatch.
π@cveNotify
GitHub
Check SNI/ALPN in TLS 1.2/1.3 session resumptions by holtrop-wolfssl Β· Pull Request #10489 Β· wolfSSL/wolfssl
Description
Fixes zd#21798
Testing
How did you test?
Checklist
added tests
updated/added doxygen
updated appropriate READMEs
Updated manual and documentation
Fixes zd#21798
Testing
How did you test?
Checklist
added tests
updated/added doxygen
updated appropriate READMEs
Updated manual and documentation
π¨ CVE-2026-11800
A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client credentials to bypass signature verification. By forging an assertion, the attacker can create unauthorized access tokens. This enables the attacker to impersonate any federated user linked to the affected Identity Provider, leading to unauthorized access and potential privilege escalation.
π@cveNotify
A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client credentials to bypass signature verification. By forging an assertion, the attacker can create unauthorized access tokens. This enables the attacker to impersonate any federated user linked to the affected Identity Provider, leading to unauthorized access and potential privilege escalation.
π@cveNotify
π¨ CVE-2026-12975
A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs with default configuration) can upload a crafted XML document to trigger blind server-side request forgery (SSRF) via external DTD/entity fetch, or cause denial of service via entity expansion.
π@cveNotify
A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs with default configuration) can upload a crafted XML document to trigger blind server-side request forgery (SSRF) via external DTD/entity fetch, or cause denial of service via entity expansion.
π@cveNotify
π¨ CVE-2026-12992
A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import locations, causing the registry to issue HTTP requests to arbitrary internal URLs (server-side request forgery).
π@cveNotify
A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import locations, causing the registry to issue HTTP requests to arbitrary internal URLs (server-side request forgery).
π@cveNotify
π¨ CVE-2026-13281
Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
π@cveNotify
Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.200/201 for Windows and Mac and 149.0.7827.200 for Linux, which will roll out over the co...
π¨ CVE-2026-13282
Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: High)
π@cveNotify
Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: High)
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.200/201 for Windows and Mac and 149.0.7827.200 for Linux, which will roll out over the co...
π¨ CVE-2026-13283
Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
π@cveNotify
Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.200/201 for Windows and Mac and 149.0.7827.200 for Linux, which will roll out over the co...
π¨ CVE-2026-22879
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability
π@cveNotify
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability
π@cveNotify
π¨ CVE-2026-40702
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead to privilege escalation and potentially compromise the security of the entire system.
π@cveNotify
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead to privilege escalation and potentially compromise the security of the entire system.
π@cveNotify
evokesystems
Smart EV Charging Solutions | Contact Evoke Systems for Expert Assistance
Ready to unlock the power of smart EV charging solutions? Contact Evoke Systems and discover how our cloud-based platform can transform your charging operations. From optimizing efficiency and reducing costs to enhancing the user experience, our innovativeβ¦
π¨ CVE-2026-44622
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
π@cveNotify
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
π@cveNotify
evokesystems
Smart EV Charging Solutions | Contact Evoke Systems for Expert Assistance
Ready to unlock the power of smart EV charging solutions? Contact Evoke Systems and discover how our cloud-based platform can transform your charging operations. From optimizing efficiency and reducing costs to enhancing the user experience, our innovativeβ¦
π¨ CVE-2026-50176
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks or brute-force attacks to gain unauthorized access.
π@cveNotify
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks or brute-force attacks to gain unauthorized access.
π@cveNotify
evokesystems
Smart EV Charging Solutions | Contact Evoke Systems for Expert Assistance
Ready to unlock the power of smart EV charging solutions? Contact Evoke Systems and discover how our cloud-based platform can transform your charging operations. From optimizing efficiency and reducing costs to enhancing the user experience, our innovativeβ¦
π¨ CVE-2026-54479
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.
π@cveNotify
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.
π@cveNotify
evokesystems
Smart EV Charging Solutions | Contact Evoke Systems for Expert Assistance
Ready to unlock the power of smart EV charging solutions? Contact Evoke Systems and discover how our cloud-based platform can transform your charging operations. From optimizing efficiency and reducing costs to enhancing the user experience, our innovativeβ¦
π¨ CVE-2026-55962
TLS 1.3 post-handshake authentication (PHA) issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, but it was also being applied while a post-handshake CertificateRequest was still outstanding. The check is now scoped to the initial handshake only: on the server, once a post-handshake CertificateRequest has been sent (certReqCtx is set), a peer certificate and a valid CertificateVerify are required again before the Finished is accepted, with empty-certificate handling following the configured verify mode (FAIL_IF_NO_PEER_CERT) just as during first-handshake client authentication. Only affects TLS 1.3 servers built with post-handshake authentication support (WOLFSSL_POST_HANDSHAKE_AUTH / --enable-postauth, included in --enable-all) that enable WOLFSSL_VERIFY_POST_HANDSHAKE and request a client certificate after the handshake via wolfSSL_request_certificate(). Clients, and servers that do not use post-handshake authentication, are unaffected.
π@cveNotify
TLS 1.3 post-handshake authentication (PHA) issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, but it was also being applied while a post-handshake CertificateRequest was still outstanding. The check is now scoped to the initial handshake only: on the server, once a post-handshake CertificateRequest has been sent (certReqCtx is set), a peer certificate and a valid CertificateVerify are required again before the Finished is accepted, with empty-certificate handling following the configured verify mode (FAIL_IF_NO_PEER_CERT) just as during first-handshake client authentication. Only affects TLS 1.3 servers built with post-handshake authentication support (WOLFSSL_POST_HANDSHAKE_AUTH / --enable-postauth, included in --enable-all) that enable WOLFSSL_VERIFY_POST_HANDSHAKE and request a client certificate after the handshake via wolfSSL_request_certificate(). Clients, and servers that do not use post-handshake authentication, are unaffected.
π@cveNotify
GitHub
Various fixes by Frauschi Β· Pull Request #10702 Β· wolfSSL/wolfssl
Hardening and correctness fixes for certificate, TLS, and crypto paths
A set of defensive fixes across several subsystems, each in its own commit with an accompanying regression test:
PKCS7: stric...
A set of defensive fixes across several subsystems, each in its own commit with an accompanying regression test:
PKCS7: stric...
π¨ CVE-2026-6092
When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC.
π@cveNotify
When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC.
π@cveNotify
GitHub
Fix ETM on resumption by embhorn Β· Pull Request #10167 Β· wolfSSL/wolfssl
Description
Correctly handle non-resumption path for encrypt-then-mac.
Fixes zd21571
Testing
Added test_tls12_etm_failed_resumption
Checklist
added tests
updated/added doxygen
updated appropria...
Correctly handle non-resumption path for encrypt-then-mac.
Fixes zd21571
Testing
Added test_tls12_etm_failed_resumption
Checklist
added tests
updated/added doxygen
updated appropria...
π¨ CVE-2026-6325
Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer.
π@cveNotify
Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer.
π@cveNotify
GitHub
SetSuitesHashSigAlgo fix by mattia-moffa Β· Pull Request #10204 Β· wolfSSL/wolfssl
Description
Fixes zd#21599
Testing
./configure --enable-opensslextra
make && make check
Fixes zd#21599
Testing
./configure --enable-opensslextra
make && make check
π¨ CVE-2026-6329
PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from the attacker-supplied input, without first verifying that it equals the length of the digest actually produced by the configured algorithm. A truncated or zero-length stored MAC could therefore be accepted, defeating the integrity protection of the MAC.
π@cveNotify
PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from the attacker-supplied input, without first verifying that it equals the length of the digest actually produced by the configured algorithm. A truncated or zero-length stored MAC could therefore be accepted, defeating the integrity protection of the MAC.
π@cveNotify
GitHub
Various fixes by mattia-moffa Β· Pull Request #10192 Β· wolfSSL/wolfssl
Description
Fixes ZD#21457 (27, 30, 31)
Testing
./configure --enable-pkcs12 && make && make check
./configure --host=aarch64-linux-gnu --enable-armasm --enable-mlkem...
Fixes ZD#21457 (27, 30, 31)
Testing
./configure --enable-pkcs12 && make && make check
./configure --host=aarch64-linux-gnu --enable-armasm --enable-mlkem...
π¨ CVE-2026-6330
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating party could fail to detect a manipulated ciphertext and proceed without the standard's required implicit rejection.
π@cveNotify
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating party could fail to detect a manipulated ciphertext and proceed without the standard's required implicit rejection.
π@cveNotify
GitHub
Various fixes by mattia-moffa Β· Pull Request #10192 Β· wolfSSL/wolfssl
Description
Fixes ZD#21457 (27, 30, 31)
Testing
./configure --enable-pkcs12 && make && make check
./configure --host=aarch64-linux-gnu --enable-armasm --enable-mlkem...
Fixes ZD#21457 (27, 30, 31)
Testing
./configure --enable-pkcs12 && make && make check
./configure --host=aarch64-linux-gnu --enable-armasm --enable-mlkem...
π¨ CVE-2026-6331
HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated tag could pass verification. The fix requires the supplied tag length to exactly equal the MAC length and rejects a zero-length MAC, so a forged short or empty tag is no longer accepted.
π@cveNotify
HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated tag could pass verification. The fix requires the supplied tag length to exactly equal the MAC length and rejects a zero-length MAC, so a forged short or empty tag is no longer accepted.
π@cveNotify
GitHub
Various fixes by mattia-moffa Β· Pull Request #10192 Β· wolfSSL/wolfssl
Description
Fixes ZD#21457 (27, 30, 31)
Testing
./configure --enable-pkcs12 && make && make check
./configure --host=aarch64-linux-gnu --enable-armasm --enable-mlkem...
Fixes ZD#21457 (27, 30, 31)
Testing
./configure --enable-pkcs12 && make && make check
./configure --host=aarch64-linux-gnu --enable-armasm --enable-mlkem...
π¨ CVE-2026-7511
PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted.
π@cveNotify
PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted.
π@cveNotify
GitHub
PKCS#7 fixes by Frauschi Β· Pull Request #10203 Β· wolfSSL/wolfssl
Fixes for various issues found in PKCS#7 code.
Fixes zd21593, F-2683, F-2684, F-2686, F-1552, F-1990, F-2681, F-2685, F-1991, F-1992, F-2679, F-2680. Also fixes a regression when building with --en...
Fixes zd21593, F-2683, F-2684, F-2686, F-1552, F-1990, F-2681, F-2685, F-1991, F-1992, F-2679, F-2680. Also fixes a regression when building with --en...
π¨ CVE-2026-7532
iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints.
π@cveNotify
iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints.
π@cveNotify
GitHub
Fix IPSAN and registeredID handling by embhorn Β· Pull Request #10354 Β· wolfSSL/wolfssl
Description
This PR fixes name-constraint enforcement gaps by ensuring iPAddress and registeredID GeneralNames are always parsed/stored.
Fixes zd21725
Testing
Added element to ConfirmNameConstraint...
This PR fixes name-constraint enforcement gaps by ensuring iPAddress and registeredID GeneralNames are always parsed/stored.
Fixes zd21725
Testing
Added element to ConfirmNameConstraint...