Vulnerabilities
Vulnerable Software
Security Vulnerabilities
Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-07-06
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-07-06
Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a script payload breaks out of the attribute and injects a live script element. This issue is fixed in 0.163.3.
CVSS Score
5.1
EPSS Score
0.002
Published
2026-07-06
Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile "somefile" where somefile was a symlink pointing outside the mount would return the target's contents. This effectively let a symlink planted inside a theme or local mount read arbitrary files reachable to the user running hugo. This issue is fixed in v0.163.1.
CVSS Score
5.9
EPSS Score
0.003
Published
2026-07-06
Hugo is a static site generator. From v0.162.0 through v0.163.0, the default security.http.urls policy denies requests to loopback, internal, and cloud-metadata IPv4 literals, but the deny rule only matched dotted-decimal notation, so alternate IPv4 encodings of the same addresses, including integer, hex, or octal, passed the policy. When a template passes an untrusted or data-derived URL to resources.GetRemote and the host platform uses the cgo system resolver, these encodings resolve to the blocked address, allowing build-time server-side requests to loopback and internal services, including the cloud-metadata endpoint in hosted or CI builds; the same check is reused on redirects, so the gap also applies to each redirect hop. This issue is fixed in v0.163.1.
CVSS Score
4.6
EPSS Score
0.002
Published
2026-07-06


Contact Us

Shodan ® - All rights reserved