A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The name of the patch is

A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer overflow. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be used for attacks. This patch is called d9b1d711ea1fde52ac73a82088b512a3e

A flaw has been found in bettercap up to 2.41.5. Affected by this issue is some unknown functionality of the file modules/mysql_server/mysql_server.go of the component MySQL Server. Executing a manipulation can lead to integer coercion error. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been publishe

A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogod_ipp_primitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be diffic

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this issue. This patch is called 76d911046344a3923cbe573364197aa081944592. It is suggested to upgrade the a

CVE-2026-7598 是 libssh2 库（版本 ≤1.11.1）中 src/userauth.c 文件内的 userauth_password 函数存在的一个整数溢出漏洞。攻击者无需身份验证即可远程触发该漏洞，通过操控 username_len 或 password_len 参数导致整数溢出，进而可能引发越界读写或内存破坏。该漏洞的 CVSS 3.1 评分为 7.3（高严重性），攻击复杂度低，无需用户交互，影响机密性、完整性和可用性。官方已提供补丁（commit 256d04b60d80bf1190e96b0ad1e91b2174d744b1），建议用户立即升级至修复版本或应用该补丁。临时缓解措施可包括限制对 libssh2 服务的网络访问，仅允许可信 IP 连接。由于该漏洞可被远程利用且影响范围较广，建议安全团队优先评估受影响资产并安排修复。目前无已知在野利用证据。