Security Vulnerabilities
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2026-05-21
libcasper(3) communicates with helper processes via UNIX domain sockets, and uses the select(2) system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select(2)'s descriptor set size limit of FD_SETSIZE (1024).
An attacker able to cause an application using libcasper(3) to allocate large file descriptors, e.g., by opening many descriptors and executing a program which is not careful to close them upon startup, may trigger stack corruption. If the target application runs with setuid root privileges, this could be used to escalate local privileges.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-05-21
Incorrect Behaviour of Views with TCP PROXY Requests
CVSS Score
4.8
EPSS Score
0.0
Published
2026-05-21
Insufficient Validation of Names During AXFR
CVSS Score
6.8
EPSS Score
0.0
Published
2026-05-21
Insufficient Validation of Autoprimary SOA Queries
CVSS Score
7.5
EPSS Score
0.0
Published
2026-05-21
Concurrency and locking defects in GSS-TSIG
CVSS Score
5.9
EPSS Score
0.0
Published
2026-05-21
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
CVSS Score
4.9
EPSS Score
0.0
Published
2026-05-21
The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs.
Because the bounds check on the supplementary groups list occurs after the kernel stack buffer has already been written, an unprivileged local user may trigger the overflow without holding any special privilege. Successful exploitation may allow an attacker to execute arbitrary code in the context of the kernel, allowing an unprivileged local user to gain elevated privileges on the affected system.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-05-21
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action URL.. Mattermost Advisory ID: MMSA-2026-00640
CVSS Score
8.0
EPSS Score
0.0
Published
2026-05-21
Mattermost versions 11.5.x <= 11.5.1 fail to validate team-level run_create permission against the target team when creating a playbook run which allows an authenticated team member to create runs in teams where they lack permission via specifying a different team ID in the run creation API request. Mattermost Advisory ID: MMSA-2026-00629
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-21