Tag

Memory-Safety

2 briefs RSS

barebox EFI PE Loader Memory-Safety Vulnerabilities (CVE-2026-34963)

barebox versions prior to 2026.04.0 are vulnerable to memory-safety issues in the EFI PE loader (CVE-2026-34963), potentially allowing code execution via malicious EFI PE binaries.

barebox memory-safety heap-overflow bootloader

1r 1t 1c May 11, 2026

high advisory

Swift Crypto X-Wing HPKE Decapsulation Vulnerability

2 rules 1 TTP

The X-Wing decapsulation path in swift-crypto accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length of 1120 bytes, leading to a potential out-of-bounds read.

vulnerability memory-safety swift-crypto

2r 1t Apr 3, 2026