oss-security mailing list - 2026/05

Follow @Openwall on Twitter for new release announcements and other news

[<prev month] [year] [list]

oss-security mailing list - 2026/05

Mon	Tue	Wed	Thu	Fri	Sat	Sun
				¹ 24	² 25	³ 13
⁴ 33	⁵ 13	⁶ 8	⁷ 12	⁸ 20	⁹ 8	¹⁰ 8
¹¹ 17	¹² 25	¹³ 8	¹⁴ 7	¹⁵ 27	¹⁶ 9	¹⁷ 6
¹⁸ 3	¹⁹ 42	²⁰ 22	²¹ 21	²² 15	²³ 5	²⁴ 10
²⁵	²⁶	²⁷	²⁸	²⁹	³⁰	³¹

Messages by day:

May 1 (24 messages)

Re: 10+ CVEs in GStreamer (Solar Designer <solar@...nwall.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Solar Designer <solar@...nwall.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Greg KH <greg@...ah.com>)
CVE-2026-42167: SQL injection in ProFTPd prior to 1.3.9a (Valtteri Vuorikoski <vuori@...com.org>)
Prosody XMPP server security advisory 2026-04-31 (multiple vulnerabilities) (Matthew Wild <mwild1@...il.com>)
CVE-2026-42402: Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS (Colm O hEigeartaigh <coheigea@...che.org>)
CVE-2026-42403: Apache Neethi: Circular Policy Reference Infinite Loop (Colm O hEigeartaigh <coheigea@...che.org>)
CVE-2026-42404: Apache Neethi: Unrestricted HTTP Redirect Following in Policy References (Colm O hEigeartaigh <coheigea@...che.org>)
Re: 10+ CVEs in GStreamer (Demi Marie Obenour <demiobenour@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Reid Sutherland <reid@...rddimension.net>)
Re: Exim 4.99.2 fixes 4 CVEs (Florian Weimer <fw@...eb.enyo.de>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: CVE-2026-42167: SQL injection in ProFTPd prior to 1.3.9a (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: 10+ CVEs in GStreamer (Kevin Backhouse <kevin.backhouse@...il.com>)
Re: [EXTERNAL] Re: CVE-2026-31431: CopyFail: linux local privilege scalation ("Shrader, David Lee" <dshrader@...l.gov>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Justin Swartz <justin.swartz@...ingedge.co.za>)
Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (cyber security <cs7778503@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)
CVE-2026-40682: Apache OpenNLP: XXE via Dictionary Parsing in DictionaryEntryPersistor (Richard Zowalla <rzo1@...che.org>)
CVE-2026-42027: Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader (Richard Zowalla <rzo1@...che.org>)
CVE-2026-42440: Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader (Richard Zowalla <rzo1@...che.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)

May 2 (25 messages)

Security audit of rust-coreutils (Alan Coopersmith <alan.coopersmith@...cle.com>)
uutils coreutils CVEs (Collin Funk <collin.funk1@...il.com>)
Ubuntu back up, In Saturday after DDoS attacks (cyber security <cs7778503@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Reid Sutherland <reid@...rddimension.net>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: uutils coreutils CVEs (Jan Schaumann <jschauma@...meister.org>)
CVE-2026-42809: Apache Polaris: An authenticated low-privileged user can abuse Polaris staged table creation to mint br… (Jean-Baptiste Onofré <jbonofre@...che.…)
CVE-2026-42810: Apache Polaris: Polaris accepts literal `*` characters in namespace and table names. When it later buil… (Jean-Baptiste Onofré <jbonofre@...che.…)
CVE-2026-42811: Apache Polaris: In plain terms, Polaris is supposed to issue short-lived GCS credentials that only work… (Jean-Baptiste Onofré <jbonofre@...che.…)
CVE-2026-42812: Apache Polaris: No protection on `write.metadata.path` (Jean-Baptiste Onofré <jbonofre@...che.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Greg Dahlman <dahlman@...il.com>)
Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Justin Swartz <justin.swartz@...ingedge.co.za>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Richard Kettlewell <rjk@...raraq.uk>)
Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Reid Sutherland <reid@...rddimension.net>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Greg Dahlman <dahlman@...il.com>)
Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Brian May <brian@...uxpenguins.xyz>)
Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Alexander Bochmann <ab@...ts.gxis.de>)
Re: uutils coreutils CVEs (Collin Funk <collin.funk1@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Collin Funk <collin.funk1@...il.com>)
Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation ("Malik, Vaibhav" <vaibhav.malik@...com>)

May 3 (13 messages)

CVE-2026-40561: Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence (Timothy Legge <timlegge@...nsec.org>)
syzkaller "Reporting Linux kernel bugs" out of date (Solar Designer <solar@...nwall.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (nightmare.yeah27@...ecat.org)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Simon McVittie <smcv@...ian.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Peter Gutmann <pgut001@...auckland.ac.nz>)
Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Reid Sutherland <reid@...rddimension.net>)
CVE request: io_uring zcrx freelist OOB write (Mohamed salem Eddah <medsalemeddah@...il.com>)
Re: CVE request: io_uring zcrx freelist OOB write (Greg KH <gregkh@...uxfoundation.org>)
CVE-2026-40563: Apache Atlas: Script injection allows access to unintended data (Pinal Shah <pinal@...che.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Paul Ducklin <pducklin@...look.com>)
[vim-security] OS Command Injection via 'path' completion affects Vim < 9.2.0435 (Christian Brabandt <cblists@...bit.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Greg Dahlman <dahlman@...il.com>)
Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Sam James <sam@...too.org>)

May 4 (33 messages)

Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Sam James <sam@...too.org>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Sam James <sam@...too.org>)
Fwd: mutt 2.3.2 released (Sam James <sam@...too.org>)
Re: uutils coreutils CVEs (Jakub Wilk <jwilk@...lk.net>)
Re: uutils coreutils CVEs (cyber security <cs7778503@...il.com>)
Re: uutils coreutils CVEs (Eli Schwartz <eschwartz@...too.org>)
Re: CVE request: io_uring zcrx freelist OOB write (Pavel Begunkov <asml.silence@...il.com>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Greg Kroah-Hartman <gregkh@...uxfoundation.org>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Jeroen Roovers <jer@...all.nl>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Milan Broz <gmazyland@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Milan Broz <gmazyland@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Richard Kettlewell <rjk@...raraq.uk>)
CVE-2026-33857: Apache HTTP Server: Off-by-one OOB reads in AJP getter functions (Eric Covener <covener@...che.org>)
CVE-2026-34032: Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_s… (Eric Covener <covener@...che.org>)
CVE-2026-34059: Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data() (Eric Covener <covener@...che.org>)
CVE-2026-24072: Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr (Eric Covener <covener@...che.org>)
CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset (Eric Covener <covener@...che.org>)
CVE-2026-29169: Apache HTTP Server: mod_dav_lock indirect lock crash (Eric Covener <covener@...che.org>)
CVE-2026-33006: Apache HTTP Server: mod_auth_digest timing attack (Eric Covener <covener@...che.org>)
CVE-2026-33007: Apache HTTP Server: mod_authn_socache crash (Eric Covener <covener@...che.org>)
CVE-2026-33523: Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line (Eric Covener <covener@...che.org>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Emily Shepherd <emily@...coat.dev>)
Fwd: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 (Sam James <sam@...too.org>)
Re: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 (Sam James <sam@...too.org>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Greg KH <greg@...ah.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Demi Marie Obenour <demiobenour@...il.com>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Solar Designer <solar@...nwall.com>)
Re: Fwd: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 (Salvatore Bonaccorso <carnil@...ian.org>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) ("Emily Shepherd" <emily@...coat.dev>)
Nix/Lix: local privilege escalation in daemon process (Martin Weinelt <martin@...uxlounge.net>)
Local privilege escalation in Lix and Nix (Thomas GERBET <thomas@...bet.me>)

May 5 (13 messages)

Re: systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's termina… (Aaron Rainbolt <arraybolt3@...eup.net>)
CVE-2026-43868: Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern (Jens Geyer <jensg@...che.org>)
CVE-2026-43869: Apache Thrift: TSSLTransportFactory.java hostname verification (Jens Geyer <jensg@...che.org>)
CVE-2026-43870: Apache Thrift: Node.js web_server.js multi-vulnerability (Jens Geyer <jensg@...che.org>)
Re: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 (Solar Designer <solar@...nwall.com>)
CVE-2026-29168: Apache HTTP Server: mod_md unrestricted OCSP response (Eric Covener <covener@...che.org>)
[OSSA-2026-009] Horizon: Unauthenticated session flood via login redirect storage (CVE-2026-43002) (Goutham Pacha Ravi <gouthampravi@...il.com>)
Django CVE-2026-5766, CVE-2026-35192, and CVE-2026-6907 (Sarah Boyce <sarahboyce@...ngoproject.com>)
CVE-2026-28780: Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header() (Eric Covener <covener@...che.org>)
[OSSA-2026-010] Ironic: Credential Forwarding to Arbitrary Endpoints via iDrac Configuration Molds Feature (CVE-2026-42997) (Jay Faulkner <jay@....cc>)
vm2: sandbox escape in NodeVM with nesting:true (CVE-2026-44007) (Akshat Sinha <akshat.snh@...il.com>)
Re: CVE-2026-29169: Apache HTTP Server: mod_dav_lock indirect lock crash (Solar Designer <solar@...nwall.com>)
Security audit of Paramiko completed, fixes coming in 5.0 release (Alan Coopersmith <alan.coopersmith@...cle.com>)

May 6 (8 messages)

CVE-2026-40010: Apache Wicket: possible session fixation using AuthenticatedWebSession (Pedro Henrique Oliveira dos Santos <pedro@...che.org>)
CVE-2026-42509: Apache Wicket: crafted strings can break out of the JavaScript sequence (Pedro Henrique Oliveira dos Santos <pedro@...che.org>)
CVE-2026-43646: Apache Wicket: crafted URLs can bypass PackageResourceGuard (Pedro Henrique Oliveira dos Santos <pedro@...che.org>)
CVE-2026-43975: Apache Wicket: Possible malicious path traversal in FolderUploadsFileManager (Pedro Henrique Oliveira dos Santos <pedro@...che.org>)
Re: CVE-2026-31431: CopyFail: linux local privilege scalation (Eric Biggers <ebiggers@...nel.org>)
CVE-2026-5081: Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure (Robert Rothenberg <rrwo@...nsec.org>)
CVE-2026-40562: Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence (Robert Rothenberg <rrwo@...nsec.org>)
Vulnerability fixes in Tor 0.4.9.7 (Sam James <sam@...too.org>)

May 7 (12 messages)

Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption (Solar Designer <solar@...nwall.com>)
Re: Precise disclosure contents for copyfail (Re: CVE-2026-31431: CopyFail: linux local privilege scalation) (Greg KH <greg@...ah.com>)
XSS in Postorius (Mailman 3) 1.3.13 and earlier (Alyssa Ross <hi@...ssa.is>)
Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption (Sam James <sam@...too.org>)
Re: CVE request: io_uring zcrx freelist OOB write (Solar Designer <solar@...nwall.com>)
[OSSA-2026-011] OpenStack Cyborg: Multiple access control vulnerabilities in Cyborg accelerator management (CVE-2026-40… (Goutham Pacha Ravi <gouthampravi@...il.…)
Re: CVE request: io_uring zcrx freelist OOB write (Mohamed salem Eddah <medsalemeddah@...il.com>)
Dirty Frag: Universal Linux LPE (Hyunwoo Kim <imv4bel@...il.com>)
[vim-security] Heap Buffer Overflow in spell file loading affects Vim < 9.2.0450 (Christian Brabandt <cb@...bit.org>)
Re: Dirty Frag: Universal Linux LPE (Sandipan Roy <saroy@...hat.com>)
Re: CVE request: io_uring zcrx freelist OOB write (Jens Axboe <axboe@...nel.dk>)
Copy Fail 2 / Dirty Frag — n-day from public commit, not embargo break (SiCk <sick@...licted.sh>)

May 8 (20 messages)

Re: CVE request: io_uring zcrx freelist OOB write (Benjamin Hays <ben@...hays.org>)
Re: CVE request: io_uring zcrx freelist OOB write (Pavel Begunkov <asml.silence@...il.com>)
Re: CVE request: io_uring zcrx freelist OOB write (Jens Axboe <axboe@...nel.dk>)
Re: CVE request: io_uring zcrx freelist OOB write (Solar Designer <solar@...nwall.com>)
Re: XSS in Postorius (Mailman 3) 1.3.13 and earlier (Demi Marie Obenour <demiobenour@...il.com>)
Re: Dirty Frag: Universal Linux LPE (Daniel Tang <danielzgtg.opensource@...il.com>)
Re: Dirty Frag: Universal Linux LPE (Greg KH <greg@...ah.com>)
Re: Dirty Frag: Universal Linux LPE (Greg KH <greg@...ah.com>)
Re: XSS in Postorius (Mailman 3) 1.3.13 and earlier (Sebastian Pipping <sebastian@...ping.org>)
Re: CVE request: io_uring zcrx freelist OOB write (Mohamed salem Eddah <medsalemeddah@...il.com>)
Re: Dirty Frag: Universal Linux LPE ("Bernhard R. Link" <brl+oss@...l.brlink.eu>)
CVE-2013-10075: Apache::Session versions through 1.94 for Perl re-creates deleted sessions (Robert Rothenberg <rrwo@...nsec.org>)
Re: Copy Fail 2 / Dirty Frag — n-day from public commit, not embargo break (Sam James <sam@...too.org>)
Re: CVE request: io_uring zcrx freelist OOB write (Jens Axboe <axboe@...nel.dk>)
Re: Re: Dirty Frag: Universal Linux LPE (Kalin KOZHUHAROV <kalin@...nrope.net>)
BioPython 1.87 fixes CVE-2025-68463 (XXE, SSRF) (Sebastian Pipping <sebastian@...ping.org>)
CVE-2026-6659: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts (Robert Rothenberg <rrwo@...nsec.org>)
Re: Re: Dirty Frag: Universal Linux LPE (Greg Dahlman <dahlman@...il.com>)
Re: Re: Dirty Frag: Universal Linux LPE ("Emily Shepherd" <emily@...coat.dev>)
Go 1.26.3 and Go 1.25.10 are released with 11 security fixes (Alan Coopersmith <alan.coopersmith@...cle.com>)

May 9 (8 messages)

CVE-2025-66170: Apache CloudStack: Any user can list backups that they should not have access to ("Piotr P. Karwasz" <pkarwasz@...che.org>)
CVE-2025-66171: Apache CloudStack: Any user can create a new VM from backups they should not have access to ("Piotr P. Karwasz" <pkarwasz@...che.org>)
CVE-2025-66172: Apache CloudStack: Any user can attach a volume in their VMs from backups they should not have access t… ("Piotr P. Karwasz" <pkarwasz@...che.org…)
CVE-2025-66467: Apache CloudStack: MinIO policy remains intact on bucket deletion ("Piotr P. Karwasz" <pkarwasz@...che.org>)
CVE-2025-69233: Apache CloudStack: Domain/account resources limits not honored ("Piotr P. Karwasz" <pkarwasz@...che.org>)
CVE-2026-25077: Apache CloudStack: Unauthenticated Command Injection in Direct Download Templates ("Piotr P. Karwasz" <pkarwasz@...che.org>)
CVE-2026-25199: Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access ("Piotr P. Karwasz" <pkarwasz@...che.org>)
uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Sebastian Pipping <sebastian@...ping.org>)

May 10 (8 messages)

Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Solar Designer <solar@...nwall.com>)
CVE-2026-43826: Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL (Shahar Epstein <shahar@...che.org>)
CVE-2026-41018: Apache Airflow Providers Elasticsearch: Elasticsearch task-log handlers leak credentials embedded in the hos… (Shahar Epstein <shahar@...che.org>)
CVE-2026-45179: Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses (Robert Rothenberg <rrwo@...nsec.org>)
CVE-2026-45180: Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids (Robert Rothenberg <rrwo@...nsec.org>)
CVE-2026-45190: Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which m… (Stig Palmquist <stig@...g.io>)
CVE-2026-45191: Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask … (Stig Palmquist <stig@...g.io>)
CVE-2026-8177: XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing… (Stig Palmquist <stig@...g.io>)

May 11 (17 messages)

malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API (CVE-2026-44931) (Matthias Gerstner <mgerstner@...e.de>)
Re: CVE-2026-8177: XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names conta… (Stig Palmquist <stig@...g.io>)
CVE-2026-5084: WebDyne::Session versions through 2.075 for Perl generates the session id insecurely (Stig Palmquist <stig@...g.io>)
Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption (xw x <v3rdant.xiang@...il.com>)
Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption (xw x <v3rdant.xiang@...il.com>)
Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption (xw x <v3rdant.xiang@...il.com>)
[OSSA-2026-012] Ironic: Remote Code Execution when Anaconda driver enabled (CVE-2026-44916) (Jay Faulkner <jay@...oss.io>)
[CVE-2026-7210] Cpython: The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection (Alan Coopersmith <alan.coopersmith@...cle…)
CVE Request: Fail-open authentication in hathor-wallet-headless <= 0.38.0 (vendor declined to fix) ("Emiliano Solazzi G." <coma.retained@...il.com>)
dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation (Alan Coopersmith <alan.coopersmith@...cle.com>)
OpenSSL ARM64 SM2 scalar multiplication timing side-channel (no CVE) (Abhinav Agarwal <abhinavagarwal1996@...il.com>)
Re: dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: [CVE-2026-7210] Cpython: The expat and elementtree parsers use insufficient entropy for XML hash-flooding protectio… (Sebastian Pipping <sebastian@...ping.or…)
CVE-2022-4988: Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries (Robert Rothenberg <rrwo@...nsec.org>)
CVE-2026-6146: Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys (Robert Rothenberg <rrwo@...nsec.org>)
libexpat 2.8.1 fixes CVE-2026-45186 (denial of service) (Sebastian Pipping <sebastian@...ping.org>)
CVE-2026-7010: HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header value… (Stig Palmquist <stig@...g.io>)

May 12 (25 messages)

Re: Coordinated Disclosure in the LLM Age (Tim Shephard <tim@...ai.ca>)
Public security analysis and LLM-assisted variant discovery (Tim Shephard <tim@...ai.ca>)
Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Sebastian Pipping <sebastian@...ping.org>)
[EXIM-Security-2026-05-01.1] Security Release 4.99.3 (Heiko Schlittermann <hs@...marc.schlittermann.de>)
Re: [EXIM-Security-2026-05-01.1] Security Release 4.99.3 (Heiko Schlittermann <hs@...marc.schlittermann.de>)
Dovecot Security Advisory OXDC-2026-0002 (Aki Tuomi <aki.tuomi@...ecot.fi>)
CVE-2026-8368: LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin re… (Stig Palmquist <stig@...g.io>)
CVE-2026-43512: Apache Tomcat: Digest authenticator will authenticate any unknown user (Mark Thomas <markt@...che.org>)
CVE-2026-43513: Apache Tomcat: LockOutRealm treats user names as case-sensitive (Mark Thomas <markt@...che.org>)
CVE-2026-43514: Apache Tomcat: AJP secret compared in non-constant time (Mark Thomas <markt@...che.org>)
CVE-2026-43515: Apache Tomcat: Security constraints not correctly applied (Mark Thomas <markt@...che.org>)
CVE-2026-41284: Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling (Mark Thomas <markt@...che.org>)
CVE-2026-41293: Apache Tomcat: HTTP/2 request headers not validated (Mark Thomas <markt@...che.org>)
CVE-2026-42498: Apache Tomcat: WebSocket authentication header exposure (Mark Thomas <markt@...che.org>)
Xen Security Advisory 490 v1 (CVE-2025-54518) - x86: CPU Opcode Cache corruption (Xen.org security team <security@....org>)
CVE-2026-5089: YAML::Syck versions before 1.38 for Perl has an out-of-bounds read (Robert Rothenberg <rrwo@...nsec.org>)
Re: Coordinated Disclosure in the LLM Age (Demi Marie Obenour <demiobenour@...il.com>)
Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Ilia <ilia@...a.ws>)
Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Sebastian Pipping <sebastian@...ping.org>)
Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Joshua Windle <joshua.w.windle@...il.com>)
Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 (Ilia <ilia@...a.ws>)
Re: Coordinated Disclosure in the LLM Age (Willy Tarreau <w@....eu>)
Fwd: [siren] [Security Advisory] Severity: CRITICAL - Malicious Compromise of OpenSearch Pre-Release npm Packages (Alan Coopersmith <alan.coopersmith@...cle.co…)
Re: dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation (Sam James <sam@...too.org>)
Re: [EXIM-Security-2026-05-01.1] Security Release 4.99.3 (Sam James <sam@...too.org>)

May 13 (8 messages)

CVE-2026-5958: GNU sed: TOCTOU race in sed -i --follow-symlinks (Solar Designer <solar@...nwall.com>)
CVE-2026-41326: Kata Containers: CopyFile Policy Subversion via Symlinks (Solar Designer <solar@...nwall.com>)
Linux kernel LPE ("fragnesia", copyfail 3.0) (Sam James <sam@...too.org>)
CVE-2026-8463: Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2_verify on empt… (Stig Palmquist <stig@...g.io>)
Re: Linux kernel LPE ("fragnesia", copyfail 3.0) (Greg KH <greg@...ah.com>)
Re: Linux kernel LPE ("fragnesia", copyfail 3.0) (Solar Designer <solar@...nwall.com>)
NGINX ngx_http_rewrite_module vulnerability CVE-2026-42945 (Alan Coopersmith <alan.coopersmith@...cle.com>)
CVE-2026-8500: Web::Passwd versions through 0.03 for Perl is vulnerable to RCE (Robert Rothenberg <rrwo@...nsec.org>)

May 14 (7 messages)

[CVE-2026-8328] CPython: FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host addr… (Alan Coopersmith <alan.coopersmith@...c…)
Re: Linux kernel LPE ("fragnesia", copyfail 3.0) (Jan Schaumann <jschauma@...meister.org>)
Re: [vim-security] Heap Buffer Overflow in spell file loading affects Vim < 9.2.0450 (Tianyu Chen <billchenchina2001@...il.com>)
Re: Linux kernel LPE ("fragnesia", copyfail 3.0) (Salvatore Bonaccorso <carnil@...ian.org>)
CVE-2026-45205: Apache Commons Configuration: StackOverflowError for YAML input with cycles ("Gary D. Gregory" <ggregory@...che.org>)
[vim-security] Command Injection in tar.vim affects Vim < 9.2.479 (Christian Brabandt <cblists@...bit.org>)
[vim-security] Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename affects Vim < 9.2.480 (Christian Brabandt <cblists@...bit.org>)

May 15 (27 messages)

CVE-2026-8612: WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-di… (Stig Palmquist <stig@...g.io>)
Logic bug in the Linux kernel's __ptrace_may_access() function (Qualys Security Advisory <qsa@...lys.com>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Sam James <sam@...too.org>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Salvatore Bonaccorso <carnil@...ian.org>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Salvatore Bonaccorso <carnil@...ian.org>)
Re: Coordinated Disclosure in the LLM Age (Yves-Alexis Perez <corsac@...ian.org>)
Re: Coordinated Disclosure in the LLM Age (Greg KH <greg@...ah.com>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Qualys Security Advisory <qsa@...lys.com>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Qualys Security Advisory <qsa@...lys.com>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (David Gonzalez <daferna3@...valent.com>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Sam James <sam@...too.org>)
Re: Coordinated Disclosure in the LLM Age (Santiago Ruano Rincón <santiagorr@...eup.net>)
Re: Coordinated Disclosure in the LLM Age (Demi Marie Obenour <demiobenour@...il.com>)
Sv: Coordinated Disclosure in the LLM Age (Markus Klyver <markusklyver@...mail.com>)
CVE-2026-8454: Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB) write on crafted multi-f… (Timothy Legge <timlegge@...nsec.org>)
CVE-2026-8503: Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids (Robert Rothenberg <rrwo@...nsec.org>)
CVE-2026-8669: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF fi… (Timothy Legge <timlegge@...nsec.org>)
CVE-2026-46474: Trog::TOTP versions before 1.006 for Perl generate secrets using rand (Robert Rothenberg <rrwo@...nsec.org>)
Security Advisory: Multiple Vulnerabilities in llama.cpp GGUF Format Parsers (135266653@...com)
CVE-2026-35194: Apache Flink: Remote code execution via SQL injection in code generation (Martijn Visser <martijnvisser@...che.org>)
libpng-apng: Chunk-smuggling vulnerability in push-mode APNG parser: CVE-2026-40930 (Cosmin Truta <ctruta@...il.com>)
netatalk 4.4.3 fixes 20 CVEs, leaves 18 for later (Alan Coopersmith <alan.coopersmith@...cle.com>)
PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 Released with security fixes (Alan Coopersmith <alan.coopersmith@...cle.com>)
Poppy: XPC Observability & Fault Injection (Stuart Thomas <stuartpaulthomas@...il.com>)
Re: Poppy: XPC Observability & Fault Injection (Solar Designer <solar@...nwall.com>)
CVE-2026-8700: Crypt::DSA versions before 1.20 for Perl generate seeds using rand (Timothy Legge <timlegge@...nsec.org>)
CVE-2026-8704: Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified (Timothy Legge <timlegge@...nsec.org>)

May 16 (9 messages)

Sv: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
Re: Coordinated Disclosure in the LLM Age (Greg KH <greg@...ah.com>)
Recent Kernel exploits, attack surface reduction, example IPSEC (Hanno Böck <hanno@...eck.de>)
Re: Recent Kernel exploits, attack surface reduction, example IPSEC (Valtteri Vuorikoski <vuori@...com.org>)
Re: Recent Kernel exploits, attack surface reduction, example IPSEC (Agostino Sarubbo <ago@...too.org>)
Re: Recent Kernel exploits, attack surface reduction, example IPSEC ("Bernhard R. Link" <brl+oss@...l.brlink.eu>)
Re: Recent Kernel exploits, attack surface reduction, example IPSEC (Lionel Debroux <lionel_debroux@...oo.fr>)
Re: Recent Kernel exploits, attack surface reduction, example IPSEC (Jeffrey Walton <noloader@...il.com>)
CVE-2026-46719: Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections (Robert Rothenberg <rrwo@...nsec.org>)

May 17 (6 messages)

Re: Recent Kernel exploits, attack surface reduction, example IPSEC (Donald Buczek <buczek@...gen.mpg.de>)
CVE-2026-46720: Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections (Robert Rothenberg <rrwo@...nsec.org>)
[vim-security] Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name affects Vim < 9.2.495 (Christian Brabandt <cb@...bit.org>)
[vim-security] Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex affects Vim < 9.2.0496 (Christian Brabandt <cb@...bit.org>)
CVE-2026-8507: Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out of bound (OOB) write flaws (Timothy Legge <timlegge@...nsec.org>)
CVE-2026-8721: Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs (Timothy Legge <timlegge@...nsec.org>)

May 18 (3 messages)

CVE-2026-8788: Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections (Robert Rothenberg <rrwo@...nsec.org>)
Re: CVE request experience (Fabian Keil <freebsd-listen@...iankeil.de>)
CVE-2026-31431 Copy Fail Linux LPE - new public exploit (Andrei Berestov <berestov0181@...il.com>)

May 19 (42 messages)

On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Aaron Rainbolt <arraybolt3@...eup.net>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Simon McVittie <smcv@...ian.org>)
Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 (Marcus Meissner <meissner@...e.de>)
Re: Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 (Hanno Böck <hanno@...eck.de>)
Re: Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 (Steffen Nurpmeso <steffen@...oden.eu>)
PinTheft Linux LPE (Sam James <sam@...too.org>)
[SBA-ADV-20260126-02] CVE-2026-42329: DFIR-IRIS before 2.4.28 Open Redirect (SBA Research Security Advisory <advisory@...-research.org>)
[SBA-ADV-20260126-03] CVE-2026-42538: DFIR-IRIS before 2.4.28 Insecure File Upload (SBA Research Security Advisory <advisory@...-research.org>)
[SBA-ADV-20260126-04] CVE-2026-42539: DFIR-IRIS before 2.4.28 Excessive Data Exposure (SBA Research Security Advisory <advisory@...-research.org>)
[SBA-ADV-20260128-01] CVE-2026-42540: DFIR-IRIS before 2.4.28 Mass Assignment (SBA Research Security Advisory <advisory@...-research.org>)
[SBA-ADV-20260128-03] CVE-2026-42543: DFIR-IRIS before 2.4.28 Cross-Site Request Forgery (CSRF) (SBA Research Security Advisory <advisory@...-research.org>)
[SBA-ADV-20260128-05] CVE-2026-42547: DFIR-IRIS before 2.4.28 Alerts Can be Falsely Attributed to Customers (SBA Research Security Advisory <advisory@...-resea…)
CVE-2026-47323: Apache Camel: Camel-CXF Message Header Injection via Missing Inbound Filtering (Andrea Cosentino <acosentino@...che.org>)
CVE-2026-29207: Apache OFBiz: Low-Privilege SSTI Leading to RCE in the Content Component (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-29220: Apache OFBiz: Low-Privilege LFI in Content Component (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-29226: Apache OFBiz: Low-Privilege SSRF in Content Component (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31378: Apache OFBiz: JSON Attribute Override and URL Allowlist Bypass Leads to Remote Code Execution (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31379: Apache OFBiz: Path Traversal and File Upload Validation Bypass Leading to Arbitrary File Write, Stored X… (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31380: Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31387: Apache OFBiz: Cookie Manipulation Allows Authenticated JWT Forgery and Account Impersonation (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31388: Apache OFBiz: Cross-Tenant Data Exposure via Program Export Feature (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31906: Apache OFBiz: Reflected XSS via Improper HTML Attribute Escaping in Layered-Modal Dialog Parameters (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31909: Apache OFBiz: Unauthenticated Shipment Label Image Disclosure (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31910: Apache OFBiz: Improper Input Validation in UI Factory Classes Leads to SSRF and Blind File Access (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-31986: Apache OFBiz: Unauthenticated RCE via Default JWT Signing Key and Widget Template Injection (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-35086: Apache OFBiz: Authenticated Remote Code Execution via Unsafe Template Expansion in email services (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-41919: Apache OFBiz: Authentication Bypass due to Improper Neutralization of LDAP Special Elements in DN Constr… (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-45187: Apache OFBiz: Improper Authorization in Scheduled Job Creation Allows Low-Privileged Users to Submit Sys… (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-45434: Apache OFBiz: Authentication Bypass via Password-Change Logic Flaw Leading to RCE (Jacopo Cappellato <jacopoc@...che.org>)
CVE-2026-46586: Apache OFBiz: Improper Validation in traverseContent Service Enables Authenticated Groovy Code Execution… (Jacopo Cappellato <jacopoc@...che.org>)
Re: PinTheft Linux LPE (Sam James <sam@...too.org>)
Memcached 1.6.42 is a "major security focused release" with CVE's TBD (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: PinTheft Linux LPE (Sam James <sam@...too.org>)
Evince/Atril/Xreader command injection CVE-2026-46529 ("Michael Catanzaro" <mcatanzaro@...me.org>)
CVE-2026-27173: Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments (Vincent Beck <vincbeck@...che.org>)
CVE-2026-42526: Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager an… (Vincent Beck <vincbeck@...che.org>)
Re: PinTheft Linux LPE (Jelle van der Waa <jelle@...aa.nl>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Gabriel Corona <gabriel.corona@...e.fr>)
[OSSA-2026-013] Ironic: Denial of Service via specially crafted deployment requests (CVE-2026-44919) (Jay Faulkner <jay@....cc>)
CVE-2026-5090: Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected (Robert Rothenberg <rrwo@...nsec.org>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Aaron Rainbolt <arraybolt3@...il.com>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Aaron Rainbolt <arraybolt3@...eup.net>)

May 20 (22 messages)

CVE-2026-41054: haveged — privilege escalation via command socket (Jiri Hladky <hladky.jiri@...il.com>)
PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method (Aaron Rainbolt <arraybolt3@...eup.net>)
Heads-up: Upcoming Samba security releases (2026-05-26) (Douglas Bagnall <douglas.bagnall@...alyst.net.nz>)
QEMU CXL Memory Corruption Vulnerability ("QEMUtiny") (Brett Sheffield <bacs@...recast.net>)
Unbound: 1.25.1 addresses multiple CVE items (Yorgos Thessalonikefs <yorgos@...etlabs.nl>)
rsync 3.4.3 released: six CVEs (CVE-2026-29518, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-4… (Andrew Tridgell <tridge60@...il.com>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Simon McVittie <smcv@...ian.org>)
Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method (Simon McVittie <smcv@...ian.org>)
Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method (gabriel.corona@...e.fr)
Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method (gabriel.corona@...e.fr)
ISC has disclosed six vulnerabilities in BIND 9 (CVE-2026-3039, CVE-2026-3592, CVE-2026-3593, CVE-2026-5946, CVE-2026-5947, C… (Michał Kępień <michal@....org>)
PowerDNS Security Advisory 2026-06: Multiple Issues (Miod Vallat <miod.vallat@...erdns.com>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (gabriel.corona@...e.fr)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Qualys Security Advisory <qsa@...lys.com>)
Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Qualys Security Advisory <qsa@...lys.com>)
Re: Multiple vulnerabilities in AppArmor (Qualys Security Advisory <qsa@...lys.com>)
Re: Coordinated Disclosure in the LLM Age (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Demi Marie Obenour <demiobenour@...il.com>)
CVE-2026-4802 [cockpit] Arbitrary code execution in the logs page via a specially crafted link (Jelle van der Waa <jelle@...aa.nl>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Gabriel Corona <gabriel.corona@...e.fr>)
CVE-2026-47373: Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks (Robert Rothenberg <rrwo@...nsec.org>)
CVE-2026-47372: Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts (Robert Rothenberg <rrwo@...nsec.org>)

May 21 (21 messages)

Re: Re: Logic bug in the Linux kernel's __ptrace_may_access() function (Simon McVittie <smcv@...ian.org>)
Re: PinTheft Linux LPE (Marcus Meissner <meissner@...e.de>)
CVE-2026-45250: FreeBSD setcred(2) stack overflow -> local privilege escalation (FatGid) (Przemyslaw Frasunek <przemyslaw@...sunek.com>)
Re: Coordinated Disclosure in the LLM Age (Douglas Bagnall <douglas.bagnall@...alyst.net.nz>)
Re: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
Re: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
Re: Evince/Atril/Xreader command injection CVE-2026-46529 ("Michael Catanzaro" <mcatanzaro@...me.org>)
CVE-2026-45760: Apache Camel K: Camel K Cross-Namespace Build Deputy Attack (Pasquale Congiusti <pcongiusti@...che.org>)
Host ambiguous requests through NGINX $host and Debian's proxy_params (gabriel.corona@...e.fr)
CVE-2026-48207: Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement (Chaokun Yang <chaokunyang@...che.org>)
Linux kernel: Dirty Frag variants — fix merged into netdev (Hyunwoo Kim <imv4bel@...il.com>)
Re: Linux kernel: Dirty Frag variants — fix merged into netdev (Solar Designer <solar@...nwall.com>)
Re: Linux kernel: Dirty Frag variants — fix merged into netdev (Hyunwoo Kim <imv4bel@...il.com>)
CVE-2026-47243: Kata Containers runtime-rs 3.30: virtiofsd symlink escape (Aurelien Bombo <aurelien.bombo@...rosoft.com>)
CVE-2026-46473: Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand (Robert Rothenberg <rrwo@...nsec.org>)
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Steffen Nurpmeso <steffen@...oden.eu>)
Re: Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 (nightmare.yeah27@...ecat.org)
Re: CVE-2026-45250: FreeBSD setcred(2) stack overflow -> local privilege escalation (FatGid) (Steffen Nurpmeso <steffen@...oden.eu>)
CVE-2026-5091: Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks (Robert Rothenberg <rrwo@...nsec.org>)
Re: Host ambiguous requests through NGINX **$http_host** and Debian's proxy_params (Gabriel Corona <gabriel.corona@...e.fr>)
Re: Host ambiguous requests through NGINX $host and Debian's proxy_params (Gabriel Corona <gabriel.corona@...e.fr>)

May 22 (15 messages)

Re: Re: Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 (Jeffrey Walton <noloader@...il.com>)
Re: Coordinated Disclosure in the LLM Age (Jacob Bachmeyer <jcb62281@...il.com>)
Re: Coordinated Disclosure in the LLM Age (Jeffrey Walton <noloader@...il.com>)
Re: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
Re: CVE-2026-45250: FreeBSD setcred(2) stack overflow -> local privilege escalation (FatGid) (Przemyslaw Frasunek <przemyslaw@...sunek.com>)
Vulnerabilities in golang.org/x/crypto (Alan Coopersmith <alan.coopersmith@...cle.com>)
CVE-2026-44417: Apache CXF: Incomplete fix for CVE-2025-48913 (Untrusted JMS configuration can lead to RCE) (Colm O hEigeartaigh <coheigea@...che.org>)
CVE-2026-44618: Apache CXF: XXE vulnerability in WS-Transfer functionality (Colm O hEigeartaigh <coheigea@...che.org>)
CVE-2026-44930: Apache CXF: LDAP Injection vulnerability in XKMS LDAP Repository (Colm O hEigeartaigh <coheigea@...che.org>)
Sv: Coordinated Disclosure in the LLM Age (Markus Klyver <markusklyver@...mail.com>)
Re: Evince/Atril/Xreader command injection CVE-2026-46529 (Wolfgang <raveit65.sun@...il.com>)
illumos: 18118 SCTP frees wrong-size, and need to keep private options (Dan McDonald <danmcd@...ecast.io>)
[vim-security] Multiple Memory Safety Issues in Vim Spell File Parser affects Vim < 9.2.0513 (Christian Brabandt <cb@...bit.org>)
NGINX ngx_http_rewrite_module buffer overflow (CVE-2026-9256) (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: Linux kernel: Dirty Frag variants — fix merged into netdev (Demi Marie Obenour <demiobenour@...il.com>)

May 23 (5 messages)

HPLIP: Potential Escalation of Privilege and Arbitrary Code Execution (Alan Coopersmith <alan.coopersmith@...cle.com>)
CVE-2026-9277: shell-quote before 1.8.4 command injection in quote() (Akshat Sinha <akshat.snh@...il.com>)
Re: Coordinated Disclosure in the LLM Age (Jacob Bachmeyer <jcb62281@...il.com>)
CVE-2026-45249: Apache ECharts: XSS in Lines series tooltip rendering (Zhongxiang Wang <wangzx@...che.org>)
Anthropic's coordinated vulnerability disclosure dashboard (Alan Coopersmith <alan.coopersmith@...cle.com>)

May 24 (10 messages)

Sv: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
Re: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
root-project/root: Heap buffer overflow in TKey::Streamer / TBasket::ReadBasketBuffers (Manopakorn Kooharueangrong <manopakorn.sec@...il.com>)
Re: root-project/root: Heap buffer overflow in TKey::Streamer / TBasket::ReadBasketBuffers (Solar Designer <solar@...nwall.com>)
Re: Coordinated Disclosure in the LLM Age (Solar Designer <solar@...nwall.com>)
Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method (Aaron Rainbolt <arraybolt3@...eup.net>)
Re: Memcached 1.6.42 is a "major security focused release" with CVE's TBD (Alan Coopersmith <alan.coopersmith@...cle.com>)
Re: root-project/root: Heap buffer overflow in TKey::Streamer / TBasket::ReadBasketBuffers (Matt Christie <mattacusspartacus@...il.com>)
CVE-2026-45361: Apache Airflow Google provider: SSH host key verification disabled in ComputeEngineSSHHook (paramiko AutoA… (Jens Scheffler <jscheffl@...che.org>)
CVE-2026-46745: Apache Airflow FAB provider: [ Security Report ] LDAP Filter Injection in FAB Auth Manager _search_ldap re… (Jens Scheffler <jscheffl@...che.org>)

381 messages

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.