Access CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Access CVE published 2026-03-13

CVE-2026-4111

CVE-2026-4111 describes an availability issue in libarchive’s RAR5 decompression logic. A specially crafted RAR5 archive can cause the archive_read_data() processing path to stop making forward progress and spin in an infinite loop, consuming CPU until the affected service is impacted. Because the archive can pass checksum validation and appear structurally valid, the problem may not be detectable before [truncated]

MEDIUM Access CVE published 2026-02-09

CVE-2025-14831

CVE-2025-14831 describes a denial-of-service condition in GnuTLS that can be triggered by specially crafted malicious certificates. The issue is tied to excessive CPU and memory consumption when certificates contain unusually large numbers of name constraints and subject alternative names (SANs).