Open Source Security mailing list

23.6K posts

Open Source Security mailing list

@oss_security

@Openwall oss-security mailing list thread summaries, currently maintained by @solardiz. Originally setup and maintained as an automated feed by @eugeneteo.

Katılım Ağustos 2009

9 Takip Edilen4.6K Takipçiler

Open Source Security mailing list@oss_security·2d

Linux kernel: Logic bug in __ptrace_may_access() openwall.com/lists/oss-secu… Discovered by @Qualys, publicly fixed in mainline, then reported to distros, spotted and exploited by others same day, distros scramble to fix their kernels as it became usual lately. x.com/spendergrsec/s…

Brad Spengler@spendergrsec

What have we here: git.kernel.org/pub/scm/linux/…

English

13.1K

Open Source Security mailing list@oss_security·2d

Vim: Command Injection in tar.vim affects Vim < 9.2.479 openwall.com/lists/oss-secu… Vim: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename affects Vim < 9.2.480 openwall.com/lists/oss-secu…

English

631

Open Source Security mailing list@oss_security·2d

CVE-2026-45205: Apache Commons Configuration: StackOverflowError for YAML input with cycles openwall.com/lists/oss-secu…

English

332

Open Source Security mailing list@oss_security·2d

CVE-2026-8328: CPython: FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address openwall.com/lists/oss-secu…

English

195

Open Source Security mailing list@oss_security·2d

CVE-2026-7210: Cpython: The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection openwall.com/lists/oss-secu…

English

610

Open Source Security mailing list@oss_security·2d

CVE-2026-42945 aka NGINX Rift: nginx: ngx_http_rewrite_module heap buffer overflow openwall.com/lists/oss-secu… Certain rewrite directives in the configuration let unauthenticated attackers crash worker processes or execute remote code via crafted HTTP requests x.com/depthfirstlabs…

depthfirst@depthfirstlabs

depthfirst autonomously discovered, verified, and generated a patch for NGINX rift, an 18 year old heap overflow (CVSS 9.2). It leads to an RCE and is affecting most of the global web traffic. Follow the link in the comments to learn more.

English

2.1K

Open Source Security mailing list@oss_security·2d

CVE-2026-46300 aka Fragnesia: Linux kernel: Page cache corruption via a logic bug in the Linux XFRM ESP-in-TCP subsystem openwall.com/lists/oss-secu… x.com/v12sec/status/…

V12@v12sec

another day, another universal linux LPE

English

2.4K

Open Source Security mailing list@oss_security·2d

CVE-2026-41326: Kata Containers: CopyFile Policy Subversion via Symlinks openwall.com/lists/oss-secu… allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers.

English

392

Open Source Security mailing list@oss_security·2d

CVE-2026-5958: GNU sed: TOCTOU race in sed -i --follow-symlinks openwall.com/lists/oss-secu… Fixed in 4.10 (2026-04-21)

English

1.1K

Open Source Security mailing list@oss_security·2d

OpenSSF Siren Advisory: Malicious Compromise of OpenSearch Pre-Release npm Packages openwall.com/lists/oss-secu… hundreds of packages across NPM & PyPi were affected

English

545

Open Source Security mailing list@oss_security·2d

Xen Security Advisory 490 v1 (CVE-2025-54518) - x86: CPU Opcode Cache corruption openwall.com/lists/oss-secu… AMD Fam17h CPUs (Zen2 microarchitecture) are vulnerable. Code of any privilege could escalate to a higher privilege, including userspace to kernel, and guest to host.

English

1.5K

Open Source Security mailing list@oss_security·2d

7 CVEs in Apache Tomcat openwall.com/lists/oss-secu… low to moderate severity

English

429

Open Source Security mailing list@oss_security·2d

Dovecot Security Advisory OXDC-2026-0002 openwall.com/lists/oss-secu… 5 CVEs fixed in Dovecot, CVSS from 3.1 to 7.4

English

260

Open Source Security mailing list@oss_security·2d

CVE-2026-45185: Exim: Use-after-free openwall.com/lists/oss-secu… in BDAT (binary data transmission) body parsing path when using the GnuTLS backend. Can lead to heap corruption and potential code execution. Fixed in 4.99.3. x.com/Xbow/status/20…

XBOW@Xbow

XBOW discovered a critical vulnerability in Exim (CVE-2026-45185), a widely used mail server. bit.ly/42yKTmX Our security researcher @fede_k shares the story of its discovery and disclosure below.

English

1.2K

Open Source Security mailing list@oss_security·2d

CVE-2026-45186: libexpat DoS openwall.com/lists/oss-secu… Quadratic runtime from attribute name collision checks allowed DoS through moderately sized crafted XML input. A layer of compression around XML can significantly reduce the minimum attack payload size. Fixed in 2.8.1.

English

307

Open Source Security mailing list@oss_security·2d

OpenSSL ARM64 SM2 scalar multiplication timing side-channel (no CVE) openwall.com/lists/oss-secu… OpenSSL's optimized SM2 scalar multiplication in ecp_sm2p256.c has data-dependent branches on the secret scalar, unlike the equivalent P-256 code (ecp_nistz256.c) in the same codebase

English

385

Open Source Security mailing list@oss_security·2d

dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation openwall.com/lists/oss-secu… 6 CVEs that were under embargo handled by CERT/CC until May 11. These are all long-standing bugs which apply to pretty much all non-ancient versions.

English

1.8K

Open Source Security mailing list@oss_security·2d

hathor-wallet-headless: Fail-open authentication openwall.com/lists/oss-secu… When http_api_key is unset - which is the shipped default - the daemon serves every wallet endpoint (start, send-tx, simple-send-tx, utxo-consolidation, melt-tokens, etc.) without authentication

English

264

Open Source Security mailing list@oss_security·2d

OSSA-2026-012,CVE-2026-44916: OpenStack Ironic: Remote Code Execution when Anaconda driver enabled openwall.com/lists/oss-secu… Users who can set node.instance_info['ks_template'] can achieve RCE on the ironic-conductor process, as the template is rendered without sandboxing

English

657

Open Source Security mailing list@oss_security·2d

CVE-2026-44931: malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API openwall.com/lists/oss-secu… Parental control system for GNOME. In 0.14.0 a D-Bus method was added which allows arbitrary users in the system to fill up the disk.

English

563

Keşfet

@qualys @elonmusk @BarackObama @taylorswift13 @cristiano @BillGates @NASA @nikifrancismediavine