Uuganbayar Lkhamsuren

#11143of 53,633
24.7Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2026-44992
7.5
2026-05-29
Debian · Golang-Golang-X-Image · CVE-2026-46599
**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined (affected versions not specified) **Description** The TIFF decoder fails to impose a limit on the size of PackBits-compressed data. This allows a maliciously crafted image, even one with small pixel dimensions and encoded size, to force the decoder to process excessive amounts of compressed data, leading to a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2026-43022
5.3
2026-05-24
Rclone · Rclone · CVE-2026-42500
**Name of the Vulnerable Software and Affected Versions** rclone versions prior to 1.74.2-1.1 **Description** Decoding a paletted BMP file with an out-of-range palette index causes a panic when accessing pixels in the invalid image. **Recommendations** Update to version 1.74.2-1.1.
PT-2026-31063
6.4
2026-04-07
Unknown · Root.Chmod · CVE-2026-32282
Name of the Vulnerable Software and Affected Versions Root.Chmod (affected versions not specified) Description On Linux, if the target of Root.Chmod is replaced with a symlink during a chmod operation, the operation can affect the symlink's target, even if that target is outside the root directory. The Linux fchmodat syscall does not respect the AT SYMLINK NOFOLLOW flag, which Root.Chmod uses to prevent symlink traversal. Root.Chmod verifies its target before proceeding and returns an error if the target is a symlink outside the root, but this check can be bypassed if the target is replaced with a symlink between the check and the operation. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2026-31065
5.5
2026-04-07
Unknown · Tar.Reader · CVE-2026-32288
Name of the Vulnerable Software and Affected Versions tar.Reader (affected versions not specified) Description tar.Reader can allocate an unbounded amount of memory when processing a specially crafted archive containing numerous sparse regions encoded using the "old GNU sparse map" format. This can lead to excessive memory consumption and potentially cause a denial-of-service condition. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.