CVSS: 9.0EPSS: 1%CPEs: 31EXPL: 0CVE-2026-1761 – Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response
https://notcve.org/view.php?id=CVE-2026-1761
02 Feb 2026 — A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction. This update for libsoup2... • https://access.redhat.com/security/cve/CVE-2026-1761 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 34EXPL: 0CVE-2026-0719 – Libsoup: signed to unsigned conversion error leading to stack-based buffer overflow in libsoup ntlm authentication
https://notcve.org/view.php?id=CVE-2026-0719
08 Jan 2026 — A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk. An update for spice-client-win is now availab... • https://access.redhat.com/security/cve/CVE-2026-0719 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.7EPSS: 0%CPEs: 64EXPL: 0CVE-2025-13601 – Glib: integer overflow in in g_escape_uri_string()
https://notcve.org/view.php?id=CVE-2025-13601
26 Nov 2025 — A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. It was discovered that GLib incorrectly handled escaping URI strings. An attacker could use this issue to cause GLib to c... • https://access.redhat.com/security/cve/CVE-2025-13601 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.5EPSS: 0%CPEs: 32EXPL: 0CVE-2025-9566 – Podman: podman kube play command may overwrite host files
https://notcve.org/view.php?id=CVE-2025-9566
05 Sep 2025 — There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 There's a vulnerability in podman where an attack... • https://access.redhat.com/errata/RHSA-2025:15900 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 0CVE-2025-5987 – Libssh: invalid return code for chacha20 poly1305 with openssl backend
https://notcve.org/view.php?id=CVE-2025-5987
05 Jul 2025 — A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes. Ro... • https://access.redhat.com/security/cve/CVE-2025-5987 • CWE-393: Return of Wrong Status Code •