<ciso brief />

All news with #out of bounds read tag

11 articles

Critical Ollama GGUF Vulnerability Exposes Heap Data

⚠️ Security researchers disclosed a critical out-of-bounds read in Ollama that can leak process memory and is tracked as CVE-2026-7482 (CVSS 9.1), dubbed "Bleeding Llama". The flaw arises in the GGUF model loader's WriteTo() flow due to use of the unsafe package, allowing a crafted model upload to read past heap bounds. Successful exploitation can reveal environment variables, API keys, prompts, and user conversation data, which can then be exfiltrated via the /api/push endpoint. Users are urged to apply fixes, restrict network exposure, and place an authentication proxy before Ollama instances.

Siemens TPM 2.0 Vulnerability (CVE-2025-2884) Advisory

🔒 The Siemens TPM 2.0 reference implementation contains a vulnerability (CVE-2025-2884) in the CryptHmacSign helper that can perform an out‑of‑bounds read because it does not validate the signature scheme against the signature key algorithm. Successful exploitation could result in information disclosure or denial of service of the TPM. Siemens ProductCERT has published fixes for many affected SIMATIC and IPC models and is preparing additional updates; where fixes are not yet available, CISA and Siemens recommend network isolation and other mitigations.

Critical Citrix NetScaler Memory Flaw Actively Exploited

🔒 Citrix disclosed a critical memory overread vulnerability, CVE-2026-3055, in NetScaler ADC and NetScaler Gateway appliances that is being actively exploited to obtain sensitive data. The vendor says the issue affects on-prem appliances configured as a SAML identity provider and impacts versions before 14.1-60.58 and specified older 13.1 builds. Security researchers at watchTowr observed reconnaissance and confirmed exploitation from at least March 27 that can leak authenticated administrative session IDs, potentially enabling full appliance takeover. Administrators should prioritise immediate patching, isolate affected systems, and apply mitigation guidance from the vendor and security teams.

CISA Adds Citrix NetScaler OOB Read to KEV Catalog

⚠️ CISA added CVE-2026-3055, a Citrix NetScaler Out-of-Bounds Read vulnerability, to the Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. This class of flaw is a frequent attack vector and poses significant risk to the federal enterprise. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate KEV entries by their due dates; CISA urges all organizations to prioritize timely remediation and risk reduction.

Citrix urges immediate patching for NetScaler flaws

⚠️ Citrix has released a security bulletin for NetScaler ADC and NetScaler Gateway addressing two vulnerabilities: CVE-2026-3055 (critical out-of-bounds read, CVSS 9.3) and CVE-2026-4368 (race condition, CVSS 7.7). The issues affect customer-managed appliances with specific SAML IDP or Gateway/AAA configurations rather than default installs or Citrix-managed cloud instances. Cloud Software Group recommends immediate installation of the vendor-published patches and notes a temporary Global Deny List mitigation available for select 14.1 builds while upgrades are scheduled.

Mitsubishi Electric CNC Series: Out-of-Bounds Read Issue

⚠️ A vulnerability (CVE-2025-2399) in Mitsubishi Electric CNC Series can be exploited remotely to trigger an out-of-bounds read and cause a denial-of-service by sending specially crafted packets to TCP port 683. A range of M800, M80, M70, E70/E80, C80 and NC Trainer models are affected. Mitsubishi Electric has published fixed firmware builds (BC or later, FN or later depending on model); users should contact their vendor representative to obtain and apply updates. If immediate updates are not possible, the vendor recommends restricting network exposure, firewalling, using VPNs, enabling IP filters where available, and limiting physical and network access.

Siemens Solid Edge Out-of-Bounds Read Vulnerability

⚠️ A PS/IGES Parasolid translator component in Siemens Solid Edge contains an out-of-bounds read when parsing specially crafted IGS files, which can crash the application or permit arbitrary code execution in the context of the running process. Siemens has released a patch; administrators should update to V226.00 Update 03 or later. The issue is tracked as CVE-2025-40936 with a CVSSv3.1 base score of 7.8 (High). Apply the vendor update and follow industrial security best practices to limit exposure.

CISA Adds Chromium Out-of-Bounds Vulnerability to KEV

⚠ CISA added CVE-2025-14174, a Google Chromium out-of-bounds memory access vulnerability, to the Known Exploited Vulnerabilities (KEV) Catalog following evidence of active exploitation. This class of flaw frequently enables memory corruption and can lead to code execution or information disclosure, posing significant risk to the federal enterprise. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate KEV entries by required due dates; CISA urges all organizations to prioritize timely remediation as part of their vulnerability management.

Siemens Solid Edge: Multiple PRT Parsing Vulnerabilities

🔒 Siemens' Solid Edge CAD applications contain multiple vulnerabilities in PRT file parsing—two out‑of‑bounds writes (CWE‑787) and two out‑of‑bounds reads (CWE‑125)—tracked as CVE‑2025‑40809 through CVE‑2025‑40812. Affected releases include SE2024 versions prior to V224.0 Update 14 and SE2025 versions prior to V225.0 Update 6. Exploitation could crash the application or enable code execution in the context of the current process; Siemens and CISA recommend applying the listed updates, avoiding untrusted PRT files, and limiting network exposure.

Siemens OpenSSL ASN.1 Out-of-Bounds Read Affects Devices

🔒 Siemens products that include vulnerable OpenSSL libraries are affected by an out-of-bounds read (CVE-2021-3712) that may be exploited remotely and carries a CVSS v3.1 base score of 7.4. A broad set of industrial networking and automation devices — including SCALANCE, RUGGEDCOM, SIMATIC, SINEMA, SINUMERIK, TIA and Industrial Edge apps — are listed as impacted. OpenSSL fixes are available in 1.1.1l and 1.0.2za; Siemens has published product updates and mitigations where possible. CISA and Siemens recommend applying vendor-supplied updates, minimizing network exposure, isolating control networks, and using secure remote access until fixes are deployed.

Siemens UMC: Remote Code Execution and Denial-of-Service

🔐 Siemens has disclosed multiple vulnerabilities in the integrated User Management Component (UMC) that could allow unauthenticated remote attackers to execute arbitrary code or cause denial-of-service. A stack-based buffer overflow (CVE-2025-40795) and several out-of-bounds read issues (CVE-2025-40796–40798) are reported, with CVSS v4 scores up to 9.3. Siemens recommends updating UMC to V2.15.1.3 or later and, where feasible, blocking TCP ports 4002 and 4004; Siemens notes no fixes are planned for SIMATIC PCS neo V4.1 and V5.0.