CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2026-42010 – Gnutls: gnutls: authentication bypass via nul character in username
https://notcve.org/view.php?id=CVE-2026-42010
07 May 2026 — A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process. • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2026-34002 – Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling
https://notcve.org/view.php?id=CVE-2026-34002
05 May 2026 — A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service. • https://access.redhat.com/security/cve/CVE-2026-34002 • CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2026-34000 – Xwayland: xorg: x.org x server: information disclosure and denial of service via out-of-bounds read in xkb geometry processing.
https://notcve.org/view.php?id=CVE-2026-34000
05 May 2026 — A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server, either locally or remotely, can exploit this without user interaction. This could lead to the disclosure of memory contents or cause a denial of service by crashing the server. • https://access.redhat.com/security/cve/CVE-2026-34000 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2026-33845 – Gnutls: gnutls: denial of service via dtls zero-length fragment
https://notcve.org/view.php?id=CVE-2026-33845
30 Apr 2026 — A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service. • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 3.7EPSS: 0%CPEs: 8EXPL: 1CVE-2026-3832 – Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response
https://notcve.org/view.php?id=CVE-2026-3832
30 Apr 2026 — A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust. • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-179: Incorrect Behavior Order: Early Validation •
CVSS: 7.4EPSS: 0%CPEs: 8EXPL: 1CVE-2026-3833 – Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison
https://notcve.org/view.php?id=CVE-2026-3833
30 Apr 2026 — A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized acce... • https://access.redhat.com/errata/RHSA-2026:13274 • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 1CVE-2026-5119 – Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
https://notcve.org/view.php?id=CVE-2026-5119
30 Mar 2026 — A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation. Se encontró una vulnerabilidad en libsoup. Al establecer túneles HTTPS a través de un proxy HTTP configurado, las cookies de sesión sensibles se transmiten en texto claro dent... • https://access.redhat.com/security/cve/CVE-2026-5119 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2026-0965 – Libssh: libssh: denial of service via improper configuration file handling
https://notcve.org/view.php?id=CVE-2026-0965
26 Mar 2026 — A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations. Se encontró una falla en libssh donde puede intentar abrir archivos arbitrarios durante el anális... • https://access.redhat.com/security/cve/CVE-2026-0965 • CWE-73: External Control of File Name or Path •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2026-0967 – Libssh: libssh: denial of service via inefficient regular expression processing
https://notcve.org/view.php?id=CVE-2026-0967
26 Mar 2026 — A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client. Se encontró una vulnerabilidad en libssh. Un atacante remoto, al controlar los archivos de configuración del cliente o los archivos known_hosts, podría cre... • https://access.redhat.com/security/cve/CVE-2026-0967 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2026-4647 – Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
https://notcve.org/view.php?id=CVE-2026-4647
23 Mar 2026 — A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks. Se encontró ... • https://access.redhat.com/security/cve/CVE-2026-4647 • CWE-125: Out-of-bounds Read •