PatchSiren

Redhat CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW Redhat CVE published 2026-04-30

CVE-2026-3832

CVE-2026-3832 was publicly disclosed on 2026-04-30. The issue is a logic error in GnuTLS OCSP handling that can affect TLS clients using OCSP verification. According to the NVD record and Red Hat references, a specially crafted multi-record OCSP response presented during handshake may cause a client to incorrectly accept a revoked server certificate, weakening trust validation.

MEDIUM Redhat CVE published 2026-03-30

CVE-2026-5119

CVE-2026-5119 describes a cleartext transmission issue in libsoup during HTTPS tunneling through an HTTP proxy. In the initial HTTP CONNECT request, sensitive session cookies may be exposed before the tunnel is established. A network-positioned attacker or a malicious proxy could intercept those cookies and potentially reuse them for session hijacking or user impersonation.

HIGH Redhat CVE published 2026-03-26

CVE-2026-0966

CVE-2026-0966 is a network-reachable denial-of-service issue in libssh. According to the CVE record and NVD data, the flaw was published on 2026-03-26 and later modified on 2026-05-11. The issue affects ssh_get_hexa() when it processes zero-length input, and exploitation is tied to GSSAPI authentication with server logging verbosity set to SSH_LOG_PACKET (3) or higher. The practical result is a self-denia [truncated]

HIGH Redhat CVE published 2026-03-24

CVE-2026-4775

CVE-2026-4775 is a libtiff flaw involving a signed integer overflow in putcontig8bitYCbCr44tile. When triggered by a specially crafted TIFF file, the bad calculation can produce an out-of-bounds heap write, which may crash the application or create a path to code execution. The supplied NVD data also ties the issue to Red Hat and Debian advisory references and lists multiple affected platform CPEs.

HIGH Redhat CVE published 2026-03-19

CVE-2026-4424

CVE-2026-4424 is a high-severity information-disclosure issue in libarchive's RAR handling. A specially crafted RAR archive can trigger a heap out-of-bounds read and expose sensitive heap memory, with no authentication or user interaction required.

MEDIUM Redhat CVE published 2026-03-17

CVE-2026-4271

CVE-2026-4271 was published on 2026-03-17 and later modified on 2026-05-11. According to the official CVE and NVD records, the issue is a use-after-free in libsoup's HTTP/2 server implementation. A remote attacker can send specially crafted HTTP/2 requests that cause authentication failures, leading the application to access freed memory and potentially crash. The documented impact is denial of service, w [truncated]

MEDIUM Redhat CVE published 2025-12-11

CVE-2025-14512

CVE-2025-14512 is a medium-severity vulnerability in GLib’s GIO handling that can be triggered when escape_byte_string() processes malicious file or remote filesystem attribute values. The flaw is an integer overflow that can lead to a heap buffer overflow and denial of service. NVD rates the issue as network-reachable with low attack complexity and user interaction required, and the supplied Red Hat refe [truncated]

MEDIUM Redhat CVE published 2025-12-10

CVE-2025-14087

CVE-2025-14087 describes a flaw in GLib’s GVariant parser that can be triggered by maliciously crafted input strings. The result can be heap corruption, which may lead to denial of service and, in some cases, potential code execution. NVD records this as a medium-severity issue, and Red Hat-linked references show affected GLib versions before 2.86.3 as well as multiple Red Hat Enterprise Linux streams.

HIGH Redhat CVE published 2024-02-05

CVE-2023-50781

CVE-2023-50781 is a high-severity m2crypto issue that may allow a remote attacker to decrypt captured TLS messages on servers that use RSA key exchanges, creating a confidentiality risk for sensitive data. NVD rates the issue 7.5 (High) with a network attack vector, no privileges required, and no user interaction, and classifies it as CWE-203.

HIGH Redhat CVE published 2024-01-25

CVE-2023-52356

CVE-2023-52356 is a high-severity availability issue in libtiff. According to the supplied NVD record, a crafted TIFF file can trigger a segmentation fault and heap-buffer overflow in TIFFReadRGBATileExt(), allowing a remote attacker to cause denial of service. The record does not indicate impact to confidentiality or integrity, but it does map to a network-reachable, no-authentication attack surface with [truncated]

MEDIUM Redhat CVE published 2023-12-18

CVE-2023-48795

CVE-2023-48795, known as the Terrapin attack, is an SSH transport protocol weakness that can let a remote attacker omit some packets during extension negotiation and weaken session security. The issue affects OpenSSH before 9.6 and a wide range of SSH clients, libraries, and appliances listed in the CVE record.

MEDIUM Redhat CVE published 2023-11-16

CVE-2023-6121

CVE-2023-6121 is a Linux kernel NVMe-oF/TCP issue that can expose kernel memory contents through an out-of-bounds read. According to the supplied source description, a crafted TCP packet may trigger a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg). NVD classifies the weakness as CWE-125 and rates it CVSS 4.3 (AV:N/AC:L/PR:L/UI [truncated]

MEDIUM Redhat CVE published 2023-09-18

CVE-2023-4806

CVE-2023-4806 is a narrowly triggered glibc use-after-free in getaddrinfo that can lead to an application crash. The issue is publicly dated 2023-09-18 and, per the NVD record, was later modified on 2026-05-12. The exposure is unusual: it requires an NSS module that implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks, omits _nss_*_gethostbyname3_r, and is hit through a getaddrinfo [truncated]

MEDIUM Redhat CVE published 2023-09-18

CVE-2023-4527

CVE-2023-4527 is a glibc flaw that can leak limited stack contents and trigger a crash when getaddrinfo is used with AF_UNSPEC on systems configured for no-aaaa mode. The issue is network-triggered, has no user interaction requirement, and is tracked by NVD with a medium CVSS score of 6.5.

MEDIUM Redhat CVE published 2023-07-24

CVE-2023-3019

CVE-2023-3019 is a denial-of-service vulnerability in QEMU’s e1000e NIC emulation. The flaw is described as a DMA reentrancy issue that can lead to a use-after-free condition. In affected environments, a privileged guest user may be able to crash the QEMU process on the host. The practical impact is host-side service disruption rather than direct data compromise, but virtualization platforms that rely on [truncated]

MEDIUM Redhat CVE published 2017-01-13

CVE-2016-9811

CVE-2016-9811 is a denial-of-service vulnerability in GStreamer's gst-plugins-base component, specifically the windows_icon_typefind function in versions before 1.10.2. The issue is an out-of-bounds read triggered by a crafted ICO file. NVD records this CVE as published on 2017-01-13 and later modified on 2026-05-13.