security patch

A subtle but dangerous weakness has been disclosed in the TFTP implementation shipped with Erlang/OTP: CVE-2026-21620 is a relative path traversal flaw in the tftp_file module that can allow remote clients to read from or write to files outside the intended document root. The issue arises from...

Werkzeug’s safe_join() has a new Windows‑specific wrinkle: a recently assigned CVE shows the function can still resolve paths that end with legacy Windows device names when those names are embedded inside multi‑segment paths, allowing a remote request handled by send_from_directory() to open a...

A race in the Linux kernel’s Direct Rendering Manager (DRM) stack — tracked as CVE‑2023‑51043 — can let a nonblocking atomic modeset commit touch freed kernel memory when it races with a driver unload, producing a use‑after‑free that can crash or destabilize systems and has been fixed upstream...

A straightforward NULL-pointer bug in the Linux NFC stack — fixed upstream in the 6.5.9 stable release — created a local denial‑of‑service risk that could crash kernels handling Near‑Field Communication traffic; the defect was tracked as CVE‑2023‑46343 and closed by a one‑line defensive check in...

OpenSSH’s keystroke obfuscation feature, introduced to make interactive typing over SSH harder to observe, contained a logic error in versions 9.5 through 9.7 that undermined its protections and re-exposed limited keystroke timing information — including during echo-off password prompts such as...

A subtle bug in wolfSSL’s OpenSSL compatibility layer has quietly exposed a classic fork‑safety failure: under certain conditions, calls to RAND_bytes() in a child process could produce predictable values because the pseudo‑random generator state was inherited unchanged across fork(). The issue...

The Linux kernel CVE-2025-38173 has been assigned to a small but consequential fix in the Marvell CESA crypto driver: the kernel now explicitly handles zero‑length skcipher requests by returning 0 instead of dereferencing memory it shouldn't touch. The change is tiny in code — a defensive check...

The Linux kernel received a surgical fix for a subtle JFS bug that could trigger a shift-out-of-bounds in the dbDiscardAG routine — a condition that, if exercised on vulnerable kernels, can cause kernel instability and denial-of-service. The problem is small in code footprint but meaningful in...

FRRouting’s OSPF implementation contains a remotely triggerable NULL-pointer dereference in the show_vty_link_info path of ospf_ext.c that can crash the ospfd process and produce a network-impacting Denial of Service (DoS) when a specially crafted OSPF packet is processed—an issue tracked as...

The discovery and public assignment of CVE-2019-19317 put a spotlight on a subtle but consequential SQLite code-path involving generated columns and the query resolver’s column-usage tracking, with researchers and vendors converging on a short, surgical fix in the SQLite source tree. At a high...

Libvirt contains a concurrency-driven null-pointer dereference in the udevConnectListAllInterfaces() path that can crash the libvirt management daemon and produce a denial‑of‑service on affected hosts; vendors and upstream have released small, surgical fixes, but the operational risk to...

The Linux kernel patch for CVE-2025-37787 fixes a NULL-pointer crash in the Marvell mv88e6xxx Distributed Switch Architecture (DSA) driver by preventing attempts to unregister devlink regions that were never registered, but the practical exposure for enterprises depends on where that driver is...

A subtle arithmetic mistake in the Linux kernel’s NTFS3 driver has been fixed, closing CVE-2024-27407 — a locally exploitable buffer‑overflow vulnerability in the mi_enum_attr() routine that, if triggered on systems that mount NTFS volumes, can corrupt kernel memory, crash the host, and in the...

Arm’s Mbed TLS contained a subtle but consequential side‑channel flaw — tracked as CVE‑2020‑10941 — that allowed a privileged observer to recover RSA private key material by measuring cache usage during an import operation, and the case raises lasting lessons for developers, embedded vendors...

A null-pointer dereference in a compact C JSON library has quietly become a textbook reminder that tiny dependencies can create outsized operational risk: CVE-2024-31755 identifies a segmentation violation in cJSON v1.7.17 that can be triggered when the second parameter to cJSON_SetValuestring...

PHP’s mb_encode_mimeheader() can be weaponized to deny service: the bug tracked as CVE‑2024‑2757 causes the function to enter an endless loop when fed specially crafted header text, allowing an attacker to tie up PHP worker processes and render mail‑handling components or web endpoints...

A small, surgical change to the Linux kernel’s BPF hashtab code fixed a subtle integer‑overflow check that could be triggered on 32‑bit systems and lead to kernel instability or denial‑of‑service; the defect is tracked as CVE‑2024‑26884 and was introduced by a misplaced overflow test that ran...

A heap buffer overflow in the c-ares DNS parsing code — tracked as CVE-2020-22217 — lets a malicious name server craft an SOA reply that can crash or destabilize applications that use the vulnerable library, and in some configurations could lead to remote code execution. The bug was found in the...

Microsoft’s security advisory for CVE-2026-21255 confirms a Windows Hyper‑V vulnerability classed as a Security Feature Bypass and directs administrators to prioritize vendor-supplied updates; the public advisory is intentionally terse on exploit mechanics, so defenders must act on the vendor...

GitHub’s Copilot integration for JetBrains IDEs has been linked to a high‑severity command‑injection / remote code‑execution class flaw that can allow attacker‑controlled content to become executable on a developer’s workstation, and vendor tracking entries (including Microsoft’s Update Guide)...