CVE-2026-38641

Publié : 26 juin 2026

Modifié : 26 juin 2026

Description détaillée

An issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafted shared library.

Références et Patchs

https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2026-38641 https://gitlab.redox-os.org/redox-os/relibc/-/issues/263 https://gitlab.redox-os.org/redox-os/relibc/-/merge_requests/1046 https://gitlab.redox-os.org/redox-os/relibc/-/work_items/263

Dernières Vulnérabilités

CVE-2026-56414

A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This design omission enables the placement of unexpected or malformed data in locations intended for trusted certificate material, which could affect system integrity or behavior even after reboot.

VOIR DÉTAILS

CVE-2026-55975

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.

VOIR DÉTAILS

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and scripts to be accepted and written directly to the server.

VOIR DÉTAILS