IndexedVerified
C/C++/Rust Security
C, C++, and Rust SAST rules aggregated across verified providers.
Fetch pack
greprules pack fetch c-cpp-rust-security --engine opengrepcurl https://api.greprules.io/api/packs/c-cpp-rust-security.tar.gz -o c-cpp-rust-security.tar.gzIncluded rules
CVE-2024-23644: Rust Iterator All Empty Bypass
cve-2024-23644-rust-iterator-all-empty-bypassCVE-2024-25177: Luajit Unsink Fstore Null Metatablecve-2024-25177-luajit-unsink-fstore-null-metatableCVE-2024-40897: Unbounded Vsprintf Callcve-2024-40897-unbounded-vsprintf-callCVE-2025-11935: Src Tls13 C Cwe 000 Cve 2025 11935cve-2025-11935-src-tls13-c-cwe-000-cve-2025-11935CVE-2025-13654: Buffer Bounds Check Integer Underflowcve-2025-13654-buffer-bounds-check-integer-underflowCVE-2025-15556: Notepadpp Wingup Missing Cert Verificationcve-2025-15556-notepadpp-wingup-missing-cert-verificationCVE-2025-27591: Rs Unsafe World Writable Permissionscve-2025-27591-rs-unsafe-world-writable-permissionsCVE-2025-2884: Tpm2 Missing Hmac Sigalg Checkcve-2025-2884-tpm2-missing-hmac-sigalg-checkCVE-2025-32464: Buffer Bound Mismatch Appendcve-2025-32464-buffer-bound-mismatch-appendCVE-2025-53010: Cpp Unchecked Getoutput Pushcve-2025-53010-cpp-unchecked-getoutput-pushCVE-2025-53012: Unbounded Cycle Detection Depthcve-2025-53012-unbounded-cycle-detection-depthCVE-2025-53538: Http2 Data Frame Stream Zerocve-2025-53538-http2-data-frame-stream-zeroCVE-2025-56225: Fluidsynth Missing Preset Null Checkcve-2025-56225-fluidsynth-missing-preset-null-checkCVE-2025-57767: Pjsip Unchecked Auth Headercve-2025-57767-pjsip-unchecked-auth-headerCVE-2025-58446: Unbounded Repetition Unrolling Doscve-2025-58446-unbounded-repetition-unrolling-dosCVE-2025-59148: Missing Null Check Flowvarcve-2025-59148-missing-null-check-flowvarCVE-2025-5915: Cve 2025 5915 Missing Error Stringcve-2025-5915-cve-2025-5915-missing-error-stringCVE-2025-62162: Unvalidated Ast Deref Visitorcve-2025-62162-unvalidated-ast-deref-visitorCVE-2025-62186: Rust Sql Format Injectioncve-2025-62186-rust-sql-format-injectionCVE-2025-64330: Suricata Alert Verdict Oob Readcve-2025-64330-suricata-alert-verdict-oob-readCVE-2025-64335: Suricata Detect Engine Buffer Null Derefcve-2025-64335-suricata-detect-engine-buffer-null-derefCVE-2025-64438: Rtps Unbounded Gap Iterationcve-2025-64438-rtps-unbounded-gap-iterationCVE-2025-65493: Global Openssl Engine Singletoncve-2025-65493-global-openssl-engine-singletonCVE-2025-65947: Mach Vm Deallocate Incorrect Castcve-2025-65947-mach-vm-deallocate-incorrect-castCVE-2025-66692: Missing Signature Length Checkcve-2025-66692-missing-signature-length-checkCVE-2025-68468: Core Browse C Cwe 000 Cve 2025 68468cve-2025-68468-core-browse-c-cwe-000-cve-2025-68468CVE-2025-68471: Reachable Assert Duplicate Statecve-2025-68471-reachable-assert-duplicate-stateCVE-2025-69261: Wasm Memory Integer Truncation Bounds Bypasscve-2025-69261-wasm-memory-integer-truncation-bounds-bypassCVE-2025-70954: Ton Tvm Uncaught Null Tuple Indexcve-2025-70954-ton-tvm-uncaught-null-tuple-indexCVE-2025-70956: Ton Runvm Gas Limit Bypasscve-2025-70956-ton-runvm-gas-limit-bypassCVE-2025-70957: Ton Unsafe Continuation Deserializationcve-2025-70957-ton-unsafe-continuation-deserializationCVE-2025-9230: Bounds Check Underflow Size T Castcve-2025-9230-bounds-check-underflow-size-t-castCVE-2025-9810: C Toctou Chmod After Opencve-2025-9810-c-toctou-chmod-after-openCVE-2026-0599: Reqwest Unbounded Body Readcve-2026-0599-reqwest-unbounded-body-readCVE-2026-21507: Infinite Loop Missing Read Zero Checkcve-2026-21507-infinite-loop-missing-read-zero-checkCVE-2026-21863: Network Packet Header Oob Readcve-2026-21863-network-packet-header-oob-readCVE-2026-21864: Valkey Module Missing Handle Io Errorscve-2026-21864-valkey-module-missing-handle-io-errorsCVE-2026-22023: Crypto Aos C Cwe 000 Cve 2026 22023cve-2026-22023-crypto-aos-c-cwe-000-cve-2026-22023CVE-2026-22259: Incomplete Tx State Checkcve-2026-22259-incomplete-tx-state-checkCVE-2026-22700: Unchecked Split Atcve-2026-22700-unchecked-split-atCVE-2026-24401: Missing Cname Loop Detectioncve-2026-24401-missing-cname-loop-detectionCVE-2026-24675: Freerdp Cve 2026 24675cve-2026-24675-freerdp-cve-2026-24675CVE-2026-24676: Freerdp Audin Format Uafcve-2026-24676-freerdp-audin-format-uafCVE-2026-24682: Cleanup Function Doubled Argumentcve-2026-24682-cleanup-function-doubled-argumentCVE-2026-24684: Freerdp Rdpsnd Missing Thread Terminatecve-2026-24684-freerdp-rdpsnd-missing-thread-terminateCVE-2026-24783: Fixed Point Negative Roundingcve-2026-24783-fixed-point-negative-roundingCVE-2026-24827: Cve 2026 24827 Lua Stack Exhaustion Oobcve-2026-24827-cve-2026-24827-lua-stack-exhaustion-oobCVE-2026-24829: Insecure Libjpeg Color Components Checkcve-2026-24829-insecure-libjpeg-color-components-checkCVE-2026-24831: Openssl Tonelli Shanks Infinite Loopcve-2026-24831-openssl-tonelli-shanks-infinite-loopCVE-2026-25541: Rust Unchecked Bounds Additioncve-2026-25541-rust-unchecked-bounds-additionCVE-2026-25627: Log After Freecve-2026-25627-log-after-freeCVE-2026-25727: Rfc Rfc2822 Rs Cwe 000 Cve 2026 25727cve-2026-25727-rfc-rfc2822-rs-cwe-000-cve-2026-25727CVE-2026-26275: Rust Matches Macro Variable Bindingcve-2026-26275-rust-matches-macro-variable-bindingCVE-2026-26981: Size Clamping Integer Underflowcve-2026-26981-size-clamping-integer-underflowCVE-2026-26986: Freerdp Rail Window Uafcve-2026-26986-freerdp-rail-window-uafCVE-2026-27015: Winpr Unsafe Stream Padding Seekcve-2026-27015-winpr-unsafe-stream-padding-seekCVE-2026-27195: Unbounded Repeat Take Allocationcve-2026-27195-unbounded-repeat-take-allocationCVE-2026-27204: Wasi Async Resource Leak Bypasscve-2026-27204-wasi-async-resource-leak-bypassCVE-2026-27572: Rust Unbounded Repeat Take Allocationcve-2026-27572-rust-unbounded-repeat-take-allocationCVE-2026-28427: Rust Path Traversal Starts Withcve-2026-28427-rust-path-traversal-starts-withCVE-2026-28525: Mongoose Multipart Integer Underflowcve-2026-28525-mongoose-multipart-integer-underflowCVE-2026-31883: Unvalidated Block Header Size Subtractioncve-2026-31883-unvalidated-block-header-size-subtractionCVE-2026-32624: Strncat Size Minus Src Lencve-2026-32624-strncat-size-minus-src-lenCVE-2026-33056: Rust Symlink Metadata Bypasscve-2026-33056-rust-symlink-metadata-bypassCVE-2026-33693: Rust Ipv4 Missing Unspecified Checkcve-2026-33693-rust-ipv4-missing-unspecified-checkCVE-2026-33952: Freerdp Cve 2026 33952 Missing Auth Lengthcve-2026-33952-freerdp-cve-2026-33952-missing-auth-lengthCVE-2026-40449: Implicit Signed Unsigned Comparisoncve-2026-40449-implicit-signed-unsigned-comparisonCVE-2026-40450: Implicit Sign Extension Bypasscve-2026-40450-implicit-sign-extension-bypassCVE-2026-41666: Implicit Signed Unsigned Comparison Overflowcve-2026-41666-implicit-signed-unsigned-comparison-overflowCVE-2026-41667: Improper Integer Bounds Check Missing Castcve-2026-41667-improper-integer-bounds-check-missing-castCVE-2026-42209: Cpp Unchecked Modulo Countcve-2026-42209-cpp-unchecked-modulo-countCVE-2026-44054: Predictable Session Token From Pidcve-2026-44054-predictable-session-token-from-pidCVE-2026-4426: Cve 2026 4426 Unpatched Error Propagationcve-2026-4426-cve-2026-4426-unpatched-error-propagationCVE-2026-47273: Pam Usb Xpath Injectioncve-2026-47273-pam-usb-xpath-injectionCVE-2026-48682: Cpp Unvalidated Ihl Pointer Advancecve-2026-48682-cpp-unvalidated-ihl-pointer-advanceCVE-2026-5164: Virtio Viostor Shared Discard Statecve-2026-5164-virtio-viostor-shared-discard-stateCVE-2026-6839: Cpp Signed Unsigned Overflow Check Bypasscve-2026-6839-cpp-signed-unsigned-overflow-check-bypassCVE-2026-8669: Giflib Missing Bounds Check Skip Branchcve-2026-8669-giflib-missing-bounds-check-skip-branchCVE-2026-8829: Perl Xs Svpv Alias Uafcve-2026-8829-perl-xs-svpv-alias-uafCVE-2026-9149: Integer Overflow Missing Bounds Checkcve-2026-9149-integer-overflow-missing-bounds-checkCVE-2026-9150: Sha Buffer Overflow Strcpycve-2026-9150-sha-buffer-overflow-strcpyCVE-2016-20022: Linux Usb Missing Maxpacket Validationcve-2016-20022-linux-usb-missing-maxpacket-validationCVE-2021-47781: Printf Family Self Concatenation Overflowcve-2021-47781-printf-family-self-concatenation-overflowCVE-2022-39215: Rust Recursive Fs Read Dir Without Symlink Checkcve-2022-39215-rust-recursive-fs-read-dir-without-symlink-checkCVE-2022-48624: Cve 2022 48624 Command Injection Unquoted Varscve-2022-48624-cve-2022-48624-command-injection-unquoted-varsCVE-2022-4967: Strongswan Trust Cert Subject Bypasscve-2022-4967-strongswan-trust-cert-subject-bypassCVE-2023-34460: Rust Glob Flipped Require Literal Leading Dotcve-2023-34460-rust-glob-flipped-require-literal-leading-dotCVE-2023-44451: Glib Archive Path Traversalcve-2023-44451-glib-archive-path-traversalCVE-2023-44452: Glib Dynamic Spawn Argument Injectioncve-2023-44452-glib-dynamic-spawn-argument-injectionCVE-2023-45235: Insecure Command Injection Concatenationcve-2023-45235-insecure-command-injection-concatenationCVE-2023-47480: Unchecked Privilege Dropcve-2023-47480-unchecked-privilege-dropCVE-2023-50009: Unrolled Loop Edges Oobcve-2023-50009-unrolled-loop-edges-oobCVE-2023-50010: Cve 2023 50010 Gradfun Overreadcve-2023-50010-cve-2023-50010-gradfun-overreadCVE-2023-50229: Unchecked Len Memcmp Memcpycve-2023-50229-unchecked-len-memcmp-memcpyCVE-2023-50230: Bluez Pbap Unvalidated Memcpycve-2023-50230-bluez-pbap-unvalidated-memcpyCVE-2023-52076: Glib Gstring Path Traversal Archivecve-2023-52076-glib-gstring-path-traversal-archiveCVE-2023-52138: Command Cpio C Cwe 000 Cve 2023 52138cve-2023-52138-command-cpio-c-cwe-000-cve-2023-52138CVE-2023-6175: Cpp Qt Minizip Zip Slipcve-2023-6175-cpp-qt-minizip-zip-slipCVE-2024-11236: C Pdo Quoter Zend String Alloc Missing Zstr Max Len Checkcve-2024-11236-c-pdo-quoter-zend-string-alloc-missing-zstr-max-len-checkCVE-2024-11595: Qt Minizip Path Traversalcve-2024-11595-qt-minizip-path-traversalCVE-2024-11596: Qt Minizip Zip Slipcve-2024-11596-qt-minizip-zip-slipCVE-2024-23324: Cpp Protobuf Unsanitized String Valuecve-2024-23324-cpp-protobuf-unsanitized-string-valueCVE-2024-2338: Anon C Cwe 000 Cve 2024 2338cve-2024-2338-anon-c-cwe-000-cve-2024-2338CVE-2024-2339: Pg Extension Missing Recursive Validationcve-2024-2339-pg-extension-missing-recursive-validationCVE-2024-24830: Openobserve User Creation Missing Initiator Authzcve-2024-24830-openobserve-user-creation-missing-initiator-authzCVE-2024-26256: Integer Underflow Loop Boundcve-2024-26256-integer-underflow-loop-boundCVE-2024-27529: Wasm3 Missing Memoryimport Cleanupcve-2024-27529-wasm3-missing-memoryimport-cleanupCVE-2024-2955: Qt Minizip Zip Slipcve-2024-2955-qt-minizip-zip-slipCVE-2024-31837: Unsafe Buffer Copy Strcpycve-2024-31837-unsafe-buffer-copy-strcpyCVE-2024-32487: Less Shell Escape Newline Bypasscve-2024-32487-less-shell-escape-newline-bypassCVE-2024-35368: Ffmpeg Hw Frames Ctx Double Free On Goto Failcve-2024-35368-ffmpeg-hw-frames-ctx-double-free-on-goto-failCVE-2024-39934: Robocorp Rcc Shared Holotree Enabledcve-2024-39934-robocorp-rcc-shared-holotree-enabledCVE-2024-40427: Px4 Unbounded Struct Writecve-2024-40427-px4-unbounded-struct-writeCVE-2024-40493: Freecoap Memcpy Coap Msg Get Payload Null Derefcve-2024-40493-freecoap-memcpy-coap-msg-get-payload-null-derefCVE-2024-41311: Off By One Image Bounds Checkcve-2024-41311-off-by-one-image-bounds-checkCVE-2024-43395: Path Segment Sanitization Bypasscve-2024-43395-path-segment-sanitization-bypassCVE-2024-43700: Unbounded Pointer Increment Sprintfcve-2024-43700-unbounded-pointer-increment-sprintfCVE-2024-46613: Int Counter Iterating Null Terminated Pointer Arraycve-2024-46613-int-counter-iterating-null-terminated-pointer-arrayCVE-2024-46952: Integer Truncation Max Width Allocationcve-2024-46952-integer-truncation-max-width-allocationCVE-2024-47076: Cups Missing Ippvalidateattributescve-2024-47076-cups-missing-ippvalidateattributesCVE-2024-51745: Incomplete Windows Reserved Device Denylist Superscriptscve-2024-51745-incomplete-windows-reserved-device-denylist-superscriptsCVE-2024-53256: Rizin Metadata Command Injectioncve-2024-53256-rizin-metadata-command-injectionCVE-2024-55193: Cpp Additive Bounds Check Integer Overflow Icccve-2024-55193-cpp-additive-bounds-check-integer-overflow-iccCVE-2024-55194: Oiio Oiiotool Unchecked Readcve-2024-55194-oiio-oiiotool-unchecked-readCVE-2024-56406: Pmtrans Utf8 Max Expansion Missingcve-2024-56406-pmtrans-utf8-max-expansion-missingCVE-2024-6303: Conduit Unauthorized Room Alias Mutationcve-2024-6303-conduit-unauthorized-room-alias-mutationCVE-2024-8250: Qt Minizip Path Traversal Zip Slipcve-2024-8250-qt-minizip-path-traversal-zip-slipCVE-2024-8375: Tensorflow Unvalidated Proto Conversioncve-2024-8375-tensorflow-unvalidated-proto-conversionCVE-2024-9780: Cpp Qt Minizip Zipslipcve-2024-9780-cpp-qt-minizip-zipslipCVE-2025-0634: Rlottie Gradient Populate Unchecked Colorpoints Oobcve-2025-0634-rlottie-gradient-populate-unchecked-colorpoints-oobCVE-2025-0838: Abseil Raw Hash Set Alloc Size Integer Overflowcve-2025-0838-abseil-raw-hash-set-alloc-size-integer-overflowCVE-2025-11624: Wolfssh Sftp Handle Size Missing Exact Checkcve-2025-11624-wolfssh-sftp-handle-size-missing-exact-checkCVE-2025-1492: Qt Minizip Zip Slipcve-2025-1492-qt-minizip-zip-slipCVE-2025-15382: Memmove Shift Overread Dest Lengthcve-2025-15382-memmove-shift-overread-dest-lengthCVE-2025-1744: Zlib Inflate Getheader Extra Field Oob Writecve-2025-1744-zlib-inflate-getheader-extra-field-oob-writeCVE-2025-24802: Plonky2 Zero Padding Lookup Tablecve-2025-24802-plonky2-zero-padding-lookup-tableCVE-2025-24903: Src Cipher Rs Cwe 000 Cve 2025 24903cve-2025-24903-src-cipher-rs-cwe-000-cve-2025-24903CVE-2025-25066: Unbounded Scanf Format Stringcve-2025-25066-unbounded-scanf-format-stringCVE-2025-26819: Cpp Unbounded Queue Memory Accumulationcve-2025-26819-cpp-unbounded-queue-memory-accumulationCVE-2025-29906: Cve 2025 29906 Login Option Injectioncve-2025-29906-cve-2025-29906-login-option-injectionCVE-2025-30403: Cpp Dcheck Bounds Bypasscve-2025-30403-cpp-dcheck-bounds-bypassCVE-2025-34468: C Unbounded Memcpy Into Fixed Char Buffer From Struct Lengthcve-2025-34468-c-unbounded-memcpy-into-fixed-char-buffer-from-struct-lengthCVE-2025-4447: Reverse Pointer Subtraction Sizecve-2025-4447-reverse-pointer-subtraction-sizeCVE-2025-44560: Owntone Mpd Tag Newline Injectioncve-2025-44560-owntone-mpd-tag-newline-injectionCVE-2025-46597: Serialization Size Overflow 32bitcve-2025-46597-serialization-size-overflow-32bitCVE-2025-47869: Nuttx Xmlrpc Getstring Undersized Destination Buffercve-2025-47869-nuttx-xmlrpc-getstring-undersized-destination-bufferCVE-2025-48071: Openexr Missing Uncompressed Size Bounds Checkcve-2025-48071-openexr-missing-uncompressed-size-bounds-checkCVE-2025-49809: Untrusted Env Exec Path Skippedcve-2025-49809-untrusted-env-exec-path-skippedCVE-2025-52464: Unseeded Curve25519 Keygencve-2025-52464-unseeded-curve25519-keygenCVE-2025-53644: Opencv Openjpeg Jp2 Unchecked J2k Read Header Statuscve-2025-53644-opencv-openjpeg-jp2-unchecked-j2k-read-header-statusCVE-2025-54469: Getenv To Popen Command Injectioncve-2025-54469-getenv-to-popen-command-injectionCVE-2025-54874: Openjpeg Opj J2k Read Header Unchecked Return Image Derefcve-2025-54874-openjpeg-opj-j2k-read-header-unchecked-return-image-derefCVE-2025-54949: Executorch Memcpy Indexed Offset Without Capacity Checkcve-2025-54949-executorch-memcpy-indexed-offset-without-capacity-checkCVE-2025-54952: Executorch Unchecked Size Mul Sizeof In Allocatecve-2025-54952-executorch-unchecked-size-mul-sizeof-in-allocateCVE-2025-55089: Filex Fx Media Format Unchecked Returncve-2025-55089-filex-fx-media-format-unchecked-returnCVE-2025-5601: Qt Minizip Zip Slipcve-2025-5601-qt-minizip-zip-slipCVE-2025-57808: Strncmp Offset Length Auth Bypasscve-2025-57808-strncmp-offset-length-auth-bypassCVE-2025-62161: Toctou Open Close Bind Mount Same Pathcve-2025-62161-toctou-open-close-bind-mount-same-pathCVE-2025-62235: Nimble Auth Bypass Spoofingcve-2025-62235-nimble-auth-bypass-spoofingCVE-2025-62291: Strongswan Eap Mschapv2 Len Underflowcve-2025-62291-strongswan-eap-mschapv2-len-underflowCVE-2025-62425: Matrix Auth Missing Rate Limitcve-2025-62425-matrix-auth-missing-rate-limitCVE-2025-62518: Tar Pax Size Smugglingcve-2025-62518-tar-pax-size-smugglingCVE-2025-62596: Rust Procfs Myself Toctou Mount Racecve-2025-62596-rust-procfs-myself-toctou-mount-raceCVE-2025-62600: Untrusted Size Allocation Oomcve-2025-62600-untrusted-size-allocation-oomCVE-2025-65882: C Insecure Mktemp Toctoucve-2025-65882-c-insecure-mktemp-toctouCVE-2025-66216: Ais Catcher Cve 2025 66216 Bit Byte Bounds Confusioncve-2025-66216-ais-catcher-cve-2025-66216-bit-byte-bounds-confusionCVE-2025-66570: Cpp Untrusted Ip Forwarding Headercve-2025-66570-cpp-untrusted-ip-forwarding-headerCVE-2025-66647: Gnrc Ipv6 Ext Frag Reass First Fragment Overflowcve-2025-66647-gnrc-ipv6-ext-frag-reass-first-fragment-overflowCVE-2025-68432: Mcp Server Missing Oauth Providercve-2025-68432-mcp-server-missing-oauth-providerCVE-2025-68473: Bluedroid Sdp Uuid Oob Writecve-2025-68473-bluedroid-sdp-uuid-oob-writeCVE-2025-68474: Bluedroid Avrc Vendor Length Checkcve-2025-68474-bluedroid-avrc-vendor-length-checkCVE-2025-68926: Rust Tonic Grpc Hardcoded Authorization Tokencve-2025-68926-rust-tonic-grpc-hardcoded-authorization-tokenCVE-2025-69217: Insecure Prng For Keys Or Noncescve-2025-69217-insecure-prng-for-keys-or-noncesCVE-2025-70888: Missing X509 Key Usage Digital Signature Checkcve-2025-70888-missing-x509-key-usage-digital-signature-checkCVE-2026-21675: Iccdev Hint Manager Add Then Delete Uafcve-2026-21675-iccdev-hint-manager-add-then-delete-uafCVE-2026-22852: Freerdp Audin Formats Realloc Without Resetcve-2026-22852-freerdp-audin-formats-realloc-without-resetCVE-2026-23519: Rust Constant Time Bitnz Missing Black Box Barriercve-2026-23519-rust-constant-time-bitnz-missing-black-box-barrierCVE-2026-23530: Freerdp Received Capabilities Desync Resizecve-2026-23530-freerdp-received-capabilities-desync-resizeCVE-2026-23631: Do Not Free Yielding Engine Synccve-2026-23631-do-not-free-yielding-engine-syncCVE-2026-24811: Rntuple Deserializer Warns On Unsupported Feature Flagcve-2026-24811-rntuple-deserializer-warns-on-unsupported-feature-flagCVE-2026-24832: Openssl Bn Bn2dec Post Write Bounds Checkcve-2026-24832-openssl-bn-bn2dec-post-write-bounds-checkCVE-2026-25506: Munge Cve Unbounded Copycve-2026-25506-munge-cve-unbounded-copyCVE-2026-25955: Freerdp Rdpgfx Missing Unmap Window For Surface Callbackcve-2026-25955-freerdp-rdpgfx-missing-unmap-window-for-surface-callbackCVE-2026-25997: Freerdp Xf Cliprdr Free Last Sent Formats Without X11 Lockcve-2026-25997-freerdp-xf-cliprdr-free-last-sent-formats-without-x11-lockCVE-2026-26011: Nav2 Pose With Covariance Stamped Missing Covariance Validationcve-2026-26011-nav2-pose-with-covariance-stamped-missing-covariance-validationCVE-2026-2646: Untrusted Buffer Loop Boundcve-2026-2646-untrusted-buffer-loop-boundCVE-2026-2673: Openssl Conf Parse List Flatteningcve-2026-2673-openssl-conf-parse-list-flatteningCVE-2026-27489: Cpp Symlink Validation Missing Canonicalizationcve-2026-27489-cpp-symlink-validation-missing-canonicalizationCVE-2026-27820: Cve 2026 27820 Conditional Buffer Expansion Before Memmove Prependcve-2026-27820-cve-2026-27820-conditional-buffer-expansion-before-memmove-prependCVE-2026-27890: Cpp Unvalidated Path Prefix Traversalcve-2026-27890-cpp-unvalidated-path-prefix-traversalCVE-2026-29004: Busybox Ipv6 Buffer Overflowcve-2026-29004-busybox-ipv6-buffer-overflowCVE-2026-29646: Nemu Rvh Vmode Sie Sip Incorrect Dispatchcve-2026-29646-nemu-rvh-vmode-sie-sip-incorrect-dispatchCVE-2026-29649: Nemu Henvcfg Overbroad Menvcfg Wmaskcve-2026-29649-nemu-henvcfg-overbroad-menvcfg-wmaskCVE-2026-30363: Struct Field Toctou Derefcve-2026-30363-struct-field-toctou-derefCVE-2026-30793: Rust Fs Set Permissions World Writable 0o0777cve-2026-30793-rust-fs-set-permissions-world-writable-0o0777CVE-2026-30923: Modsecurity Libinjection Error Mishandlingcve-2026-30923-modsecurity-libinjection-error-mishandlingCVE-2026-31814: Rust Panic On Checked Mathcve-2026-31814-rust-panic-on-checked-mathCVE-2026-31969: Postfix Decrement Bounds Check Oobcve-2026-31969-postfix-decrement-bounds-check-oobCVE-2026-31971: Htslib Cram Byte Array Len Overruncve-2026-31971-htslib-cram-byte-array-len-overrunCVE-2026-31972: Samtools Mplp Ref Undersized Lru Cache Uafcve-2026-31972-samtools-mplp-ref-undersized-lru-cache-uafCVE-2026-31973: Samtools Cram Decode Null Derefcve-2026-31973-samtools-cram-decode-null-derefCVE-2026-32105: Xrdp Missing Fips Mac Validationcve-2026-32105-xrdp-missing-fips-mac-validationCVE-2026-32135: Urldecoding Off By One Overflowcve-2026-32135-urldecoding-off-by-one-overflowCVE-2026-32605: Rust Off By One Bounds Checkcve-2026-32605-rust-off-by-one-bounds-checkCVE-2026-32829: Lz4 Improper Offset Clampingcve-2026-32829-lz4-improper-offset-clampingCVE-2026-32853: Unchecked Sequential Memcpy Parsingcve-2026-32853-unchecked-sequential-memcpy-parsingCVE-2026-32854: Unchecked Strchr Derefcve-2026-32854-unchecked-strchr-derefCVE-2026-32874: Python C Api Memory Leak Fromstringcve-2026-32874-python-c-api-memory-leak-fromstringCVE-2026-32875: Unchecked Indent Multiplicationcve-2026-32875-unchecked-indent-multiplicationCVE-2026-33055: Tar Pax Size Conditional Overridecve-2026-33055-tar-pax-size-conditional-overrideCVE-2026-33069: Multipart Oob Read Parser Incrementcve-2026-33069-multipart-oob-read-parser-incrementCVE-2026-33150: Uaf Dangling Pointer Assignmentcve-2026-33150-uaf-dangling-pointer-assignmentCVE-2026-33184: Rust Unwrap Unchecked Subtractioncve-2026-33184-rust-unwrap-unchecked-subtractionCVE-2026-33516: Xrdp Memcpy From Stream Read Pointercve-2026-33516-xrdp-memcpy-from-stream-read-pointerCVE-2026-33526: Squid Uaf Rfc1738 Escapecve-2026-33526-squid-uaf-rfc1738-escapeCVE-2026-33633: Rectangle Bounds Integer Overflowcve-2026-33633-rectangle-bounds-integer-overflowCVE-2026-3381: Bundled Zlib Pre 1 3 2 Vulnerablecve-2026-3381-bundled-zlib-pre-1-3-2-vulnerableCVE-2026-33850: Stb Image Fractional Subsampling Oobcve-2026-33850-stb-image-fractional-subsampling-oobCVE-2026-33851: Insecure Buffer Size Underflowcve-2026-33851-insecure-buffer-size-underflowCVE-2026-33852: Unguided Oldns Clear Memory Leakcve-2026-33852-unguided-oldns-clear-memory-leakCVE-2026-33856: Xml Document Oldns Memory Leakcve-2026-33856-xml-document-oldns-memory-leakCVE-2026-33908: Unbounded Xml Tree Recursioncve-2026-33908-unbounded-xml-tree-recursionCVE-2026-33986: Premature Dimension Update Before Allocationcve-2026-33986-premature-dimension-update-before-allocationCVE-2026-34063: Rust Libp2p Handler Paniccve-2026-34063-rust-libp2p-handler-panicCVE-2026-34078: Flatpak Run App Missing Fd Bind Paramscve-2026-34078-flatpak-run-app-missing-fd-bind-paramsCVE-2026-34232: Path Traversal Unvalidated Plugin Namecve-2026-34232-path-traversal-unvalidated-plugin-nameCVE-2026-34352: Shmget Permissive Creationcve-2026-34352-shmget-permissive-creationCVE-2026-34543: Openexr Bounds Check Capacity Mismatchcve-2026-34543-openexr-bounds-check-capacity-mismatchCVE-2026-34941: Improper Entityset Capacitycve-2026-34941-improper-entityset-capacityCVE-2026-34943: Wasmtime Jit Libcall Toctoucve-2026-34943-wasmtime-jit-libcall-toctouCVE-2026-34971: Wasmtime Insecure Passive Data Trackingcve-2026-34971-wasmtime-insecure-passive-data-trackingCVE-2026-35186: Wasmtime Libcall Passive Data Racecve-2026-35186-wasmtime-libcall-passive-data-raceCVE-2026-37541: Ovms3 Gvret Binary Build Can Frame Length Unboundedcve-2026-37541-ovms3-gvret-binary-build-can-frame-length-unboundedCVE-2026-3945: Strtol Missing Negative Check Before Arithmeticcve-2026-3945-strtol-missing-negative-check-before-arithmeticCVE-2026-39853: Osslsigncode Memcpy Buffer Overflowcve-2026-39853-osslsigncode-memcpy-buffer-overflowCVE-2026-39958: Oma Topics Missing Control Char Validationcve-2026-39958-oma-topics-missing-control-char-validationCVE-2026-40164: Hardcoded Murmurhash Seedcve-2026-40164-hardcoded-murmurhash-seedCVE-2026-40492: C Bits Per Pixel Header Field Drives Wider Integer Castcve-2026-40492-c-bits-per-pixel-header-field-drives-wider-integer-castCVE-2026-40493: Image Codec Bpp From Raw Channels Depthcve-2026-40493-image-codec-bpp-from-raw-channels-depthCVE-2026-40494: Tga Rle Raw Packet Missing Bounds Checkcve-2026-40494-tga-rle-raw-packet-missing-bounds-checkCVE-2026-40719: Maradns Deadwood Use Before Null Check Dw Get Dnamecve-2026-40719-maradns-deadwood-use-before-null-check-dw-get-dnameCVE-2026-4111: Archive Missing Decompression Bounds Checkcve-2026-4111-archive-missing-decompression-bounds-checkCVE-2026-41197: Rust Brillig Array Undersize From Discarded Element Typescve-2026-41197-rust-brillig-array-undersize-from-discarded-element-typesCVE-2026-41415: Pjsip Pj Str Slen Underflow On Delimiter Stripcve-2026-41415-pjsip-pj-str-slen-underflow-on-delimiter-stripCVE-2026-41475: Bacnet Deprecated Decode Tag Number And Value Oob Readcve-2026-41475-bacnet-deprecated-decode-tag-number-and-value-oob-readCVE-2026-41477: Deskflow Ipc Lpe Skipcve-2026-41477-deskflow-ipc-lpe-skipCVE-2026-41677: Rust Openssl Passwd Cb Missing Length Bounds Checkcve-2026-41677-rust-openssl-passwd-cb-missing-length-bounds-checkCVE-2026-41678: Rust Openssl Aes Unwrap Key Inverted Bounds Assertioncve-2026-41678-rust-openssl-aes-unwrap-key-inverted-bounds-assertionCVE-2026-41681: Rust Openssl Evp Digest Final Missing Bounds Checkcve-2026-41681-rust-openssl-evp-digest-final-missing-bounds-checkCVE-2026-4176: Vendored Zlib Pre 1 3 2cve-2026-4176-vendored-zlib-pre-1-3-2CVE-2026-41898: Rust Openssl Ffi Trampoline Unchecked Callback Lengthcve-2026-41898-rust-openssl-ffi-trampoline-unchecked-callback-lengthCVE-2026-42009: Dtls Duplicate Sequence Type Checkcve-2026-42009-dtls-duplicate-sequence-type-checkCVE-2026-42046: Improper Multiplication Overflow Checkcve-2026-42046-improper-multiplication-overflow-checkCVE-2026-42171: Nsis Insecure Temp Fallbackcve-2026-42171-nsis-insecure-temp-fallbackCVE-2026-42189: Unchecked Network Decoded Count Vec Capacitycve-2026-42189-unchecked-network-decoded-count-vec-capacityCVE-2026-42268: Modsecurity Libinjection Boolean Failopencve-2026-42268-modsecurity-libinjection-boolean-failopenCVE-2026-42311: C Struct Singleton Pointer Identity Tokencve-2026-42311-c-struct-singleton-pointer-identity-tokenCVE-2026-44050: Netatalk Cnid Dbd Unbounded Readt Namelencve-2026-44050-netatalk-cnid-dbd-unbounded-readt-namelenCVE-2026-44060: Network Length Underflowcve-2026-44060-network-length-underflowCVE-2026-4424: Libarchive Rar Lzss Sign Comparecve-2026-4424-libarchive-rar-lzss-sign-compareCVE-2026-44296: Thread Blocking Sleep In Networkingcve-2026-44296-thread-blocking-sleep-in-networkingCVE-2026-44463: Missing Dynamic Mcp Oauth Authcve-2026-44463-missing-dynamic-mcp-oauth-authCVE-2026-44466: Mcp Static Auth Header Bypasscve-2026-44466-mcp-static-auth-header-bypassCVE-2026-44497: Ffi Sighash Callback Stale Buffer None Returncve-2026-44497-ffi-sighash-callback-stale-buffer-none-returnCVE-2026-4480: Weak Quote Replacement Command Injectioncve-2026-4480-weak-quote-replacement-command-injectionCVE-2026-44988: Libvncclient Tight Rw Bounds Overflowcve-2026-44988-libvncclient-tight-rw-bounds-overflowCVE-2026-45108: Rust File Create Dynamic Pathcve-2026-45108-rust-file-create-dynamic-pathCVE-2026-45109: Next Js Hardcoded None Cache Handlercve-2026-45109-next-js-hardcoded-none-cache-handlerCVE-2026-47783: Auth Comparison Timing Leakcve-2026-47783-auth-comparison-timing-leakCVE-2026-49128: Mpd Unvalidated Relative Uricve-2026-49128-mpd-unvalidated-relative-uriCVE-2026-5301: Rust Shell Command Injectioncve-2026-5301-rust-shell-command-injectionCVE-2026-5405: Qt Minizip Path Traversalcve-2026-5405-qt-minizip-path-traversalCVE-2026-5503: Wolfssl Tlsx Find Unconditional Extensions Reassigncve-2026-5503-wolfssl-tlsx-find-unconditional-extensions-reassignCVE-2026-5747: Eager Device Instantiation Doscve-2026-5747-eager-device-instantiation-dosCVE-2026-6654: Draining Iterator Stale Slice From Raw Parts Uafcve-2026-6654-draining-iterator-stale-slice-from-raw-parts-uafCVE-2026-6942: R2mcp Incomplete Shell Metachar Filter Cve 2026 6942cve-2026-6942-r2mcp-incomplete-shell-metachar-filter-cve-2026-6942CVE-2026-8177: Cve 2026 8177 Unchecked Utf8 Decodecve-2026-8177-cve-2026-8177-unchecked-utf8-decodeCVE-2026-8836: Lwip Snmp Asn1 Dec Raw Aliased Length And Bufmaxcve-2026-8836-lwip-snmp-asn1-dec-raw-aliased-length-and-bufmaxCVE-2026-8915: Escargot Resizable Arraybuffer Oobcve-2026-8915-escargot-resizable-arraybuffer-oobCVE-2026-9064: 389 Ds Unbounded Ldap Controlscve-2026-9064-389-ds-unbounded-ldap-controlsAccess RpcImpersonateClient ImpersonateLoggedOnUsergitlab-sast-c-access-rule-rpcimpersonateclient-impersonateloggedonuserAccess Umaskgitlab-sast-c-access-rule-umaskBuffer Fscanf Sscanfgitlab-sast-c-buffer-rule-fscanf-sscanfBuffer G Get Home Dirgitlab-sast-c-buffer-rule-g-get-home-dirBuffer G Get Tmp Dirgitlab-sast-c-buffer-rule-g-get-tmp-dirBuffer Getenv Curl Getenvgitlab-sast-c-buffer-rule-getenv-curl-getenvBuffer Gets Gettsgitlab-sast-c-buffer-rule-gets-gettsBuffer Getwdgitlab-sast-c-buffer-rule-getwdBuffer Lstrcat Wcscatgitlab-sast-c-buffer-rule-lstrcat-wcscatBuffer Lstrcatn Wcsncatgitlab-sast-c-buffer-rule-lstrcatn-wcsncatBuffer Lstrcpy Wcscpygitlab-sast-c-buffer-rule-lstrcpy-wcscpyBuffer Lstrcpyn Wcsncpygitlab-sast-c-buffer-rule-lstrcpyn-wcsncpyBuffer Memcpy CopyMemorygitlab-sast-c-buffer-rule-memcpy-copymemoryBuffer MultiByteToWideChargitlab-sast-c-buffer-rule-multibytetowidecharBuffer Realpathgitlab-sast-c-buffer-rule-realpathBuffer Scanf Vscanfgitlab-sast-c-buffer-rule-scanf-vscanfBuffer Sprintf Vsprintfgitlab-sast-c-buffer-rule-sprintf-vsprintfBuffer StrCat StrCatAgitlab-sast-c-buffer-rule-strcat-strcataBuffer Strcatgitlab-sast-c-buffer-rule-strcatBuffer Strccpy Strcaddgitlab-sast-c-buffer-rule-strccpy-strcaddBuffer Strcpygitlab-sast-c-buffer-rule-strcpyBuffer StrcpyA StrcpyWgitlab-sast-c-buffer-rule-strcpya-strcpywBuffer Streadd Strecpygitlab-sast-c-buffer-rule-streadd-strecpyBuffer Strlen Wcslengitlab-sast-c-buffer-rule-strlen-wcslenBuffer Strncatgitlab-sast-c-buffer-rule-strncatBuffer Strncpygitlab-sast-c-buffer-rule-strncpyBuffer Strtrnsgitlab-sast-c-buffer-rule-strtrnsCrypto Crypt Crypt Rgitlab-sast-c-crypto-rule-crypt-crypt-rCrypto EVP Des Ecb EVP Des Cbcgitlab-sast-c-crypto-rule-evp-des-ecb-evp-des-cbcCrypto EVP Rc4 40 EVP Rc2 40 Cbcgitlab-sast-c-crypto-rule-evp-rc4-40-evp-rc2-40-cbcFormat Fprintf Vfprintfgitlab-sast-c-format-rule-fprintf-vfprintfFormat Printf Vprintfgitlab-sast-c-format-rule-printf-vprintfFormat Snprintf Vsnprintfgitlab-sast-c-format-rule-snprintf-vsnprintfFormat Sysloggitlab-sast-c-format-rule-syslogFree Memaligngitlab-sast-c-free-rule-memalignInteger Atoi Atolgitlab-sast-c-integer-rule-atoi-atolMisc AddAccessAllowedAcegitlab-sast-c-misc-rule-addaccessallowedaceMisc Cuseridgitlab-sast-c-misc-rule-cuseridMisc Fopen Opengitlab-sast-c-misc-rule-fopen-openMisc Getlogingitlab-sast-c-misc-rule-getloginMisc Getpassgitlab-sast-c-misc-rule-getpassMisc LoadLibrarygitlab-sast-c-misc-rule-loadlibraryMisc LoadLibraryExgitlab-sast-c-misc-rule-loadlibraryexMisc SetSecurityDescriptorDaclgitlab-sast-c-misc-rule-setsecuritydescriptordaclObsolete Gsignal Ssignalgitlab-sast-c-obsolete-rule-gsignal-ssignalObsolete Ulimitgitlab-sast-c-obsolete-rule-ulimitObsolete Usleepgitlab-sast-c-obsolete-rule-usleepRace Accessgitlab-sast-c-race-rule-accessRace Chmodgitlab-sast-c-race-rule-chmodRace Chowngitlab-sast-c-race-rule-chownRace Readlinkgitlab-sast-c-race-rule-readlinkRace Vforkgitlab-sast-c-race-rule-vforkRandom Drand48 Erand48gitlab-sast-c-random-rule-drand48-erand48Shell CreateProcessgitlab-sast-c-shell-rule-createprocessShell CreateProcessAsUser CreateProcessWithLogongitlab-sast-c-shell-rule-createprocessasuser-createprocesswithlogonShell Execl Execlpgitlab-sast-c-shell-rule-execl-execlpShell Systemgitlab-sast-c-shell-rule-systemTmpfile GetTempFileNamegitlab-sast-c-tmpfile-rule-gettempfilenameTmpfile Mkstempgitlab-sast-c-tmpfile-rule-mkstempTmpfile Mktempgitlab-sast-c-tmpfile-rule-mktempTmpfile Tmpfilegitlab-sast-c-tmpfile-rule-tmpfileTmpfile Tmpnam Tempnamgitlab-sast-c-tmpfile-rule-tmpnam-tempnam