CWE-126
2 CVEs of this weakness class.
- CVE-2026-5260HIGH 8.2EPSS 1%
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.
- CVE-2025-32053MED 6.5EPSS 1%
A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.