Unknown CVE-2026-9076 Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Unknown] CVE-2026-9076 – Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) p...

VERWANDTEARTIKEL

ServiceNow discloses security incident exposing customer data

CVE-2026-47938 - Adobe Campaign Classic (ACC) | Server-Side Request Forgery (SSRF) (CWE-918)

CVE-2026-48303 - Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

CVE-2026-47932 - ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

CVE-2026-47929 - ColdFusion | Incorrect Authorization (CWE-863)

CVE-2026-47928 - ColdFusion | Improper Input Validation (CWE-20)