|
941
|
9.8 |
CRITICAL
Network
|
wolfssl
|
wolfssl
|
Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still…
|
CWE-416
Use After Free
|
CVE-2026-7531
|
2026-06-27 01:53 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
942
|
7.5 |
HIGH
Network
|
wolfssl
|
wolfssl
|
The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19…
|
CWE-682
Incorrect Calculation
|
CVE-2026-10512
|
2026-06-27 01:53 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
943
|
6.5 |
MEDIUM
Network
|
rtklib
|
rtklib
|
RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count va…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-56789
|
2026-06-27 01:53 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
944
|
7.5 |
HIGH
Network
|
rtklib
|
rtklib
|
RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via craft…
|
CWE-193
Off-by-one Error
|
CVE-2026-56787
|
2026-06-27 01:53 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
945
|
9.8 |
CRITICAL
Network
|
rtklib
|
rtklib
|
RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fi…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-56786
|
2026-06-27 01:52 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
946
|
9.8 |
CRITICAL
Network
|
anysphere
|
cursor
|
Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default. Before a Write, the agent canonicalizes the target path to confirm it…
|
CWE-59
Link Following
|
CVE-2026-50549
|
2026-06-27 01:51 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
947
|
9.8 |
CRITICAL
Network
|
anysphere
|
cursor
|
Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working director…
|
CWE-22
Path Traversal
|
CVE-2026-50548
|
2026-06-27 01:51 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
948
|
6.5 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RS…
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2026-6291
|
2026-06-27 01:51 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
949
|
9.1 |
CRITICAL
Network
|
wolfssl
|
wolfssl
|
Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS.
|
CWE-125
Out-of-bounds Read
|
CVE-2026-6094
|
2026-06-27 01:51 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
950
|
6.5 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that end…
|
CWE-295
Improper Certificate Validation
|
CVE-2026-6091
|
2026-06-27 01:50 |
2026-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
