VYPR

Src

by NetBSD

Source repositories

CVEs (2)

  • CVE-2026-32849MedMay 18, 2026
    risk 0.29cvss 5.5epss 0.00

    NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op() function in sys/opencrypto/cryptodev.c where the local variable iov_len is declared as a signed int but assigned from an unsigned cop->dst_len value, causing undefined behavior…

  • CVE-2026-32848MedMay 18, 2026
    risk 0.24cvss 4.7epss 0.00

    NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems.…