Vulnerabilities
Vulnerable Software
Security Vulnerabilities
Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-07-06
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-07-06
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-07-06
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.0.0 and prior to version 4.11.0, 32-bit integer overflows in OP-TEE core's AES-GCM implementation cause the authentication tag to be computed with incorrect bit-length values after processing more than 512 megabytes of payload or Additional Authenticated Data (AAD). Version 4.11.0 contains a patch. No known workarounds are available.
CVSS Score
3.8
EPSS Score
0.002
Published
2026-07-06
vLLM is an inference and serving engine for large language models. From 0.22.0 to 0.23.0, the /v1/audio/transcriptions and /v1/audio/translations routes call request.file.read() to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLM_MAX_AUDIO_CLIP_FILESIZE_MB compressed upload size limit (default 25 MB) later in the speech-to-text preprocessing step, so an API caller who can reach those routes can submit an oversized multipart upload and cause vLLM to allocate memory proportional to the uploaded file size before the request is rejected as too large, creating memory pressure or terminating the process depending on deployment resource limits. This issue is fixed in version 0.24.0.
CVSS Score
6.5
EPSS Score
0.003
Published
2026-07-06
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the function `cleanup_shm_refs()` in `core/tee/entry_std.c` fails to apply a required bitmask (`OPTEE_MSG_ATTR_TYPE_MASK`) to parameter attributes. When processing non-contiguous memory parameters from a normal-world caller, the system fails to match the attribute type in its internal switch statement and skips the necessary mobj_put() call. This results in a persistent reference leak of `mobj_reg_shm` objects, which remain on internal lists with dangling refcounts. This affects non-FF-A configurations that support non-contiguous, non-secure shared memory. Over time, these accumulated leaks progressively consume the secure-world heap, degrading the system's ability to service trusted application operations and eventually requiring a reboot to recover. Version 4.11.0 contains a patch. No known workarounds are available.
CVSS Score
3.8
EPSS Score
0.001
Published
2026-07-06


Contact Us

Shodan ® - All rights reserved