Chromium: CVE-2025-4372 Use after free in WebAudio

Extraction filter bypass for linking outside extraction directory

PyTorch nccl.py torch.cuda.nccl.reduce denial of service

PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation

Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

Chromium: CVE-2025-4096 Heap buffer overflow in HTML

JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow

Perl threads have a working directory race condition where file operations may target unintended paths

Cache poisoning due to weak PRNG

Cache poisoning attacks with unsolicited RRs

A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

DNS message with invalid TSIG causes an assertion failure

Glib: glib crash after long command line

Chromium: CVE-2025-4052 Inappropriate implementation in DevTools

Chromium: CVE-2025-4051 Insufficient data validation in DevTools

Chromium: CVE-2025-4050 Out of bounds memory access in DevTools

ceph: fix multifs mds auth caps issue

Libsoup: cookie domain validation bypass via uppercase characters in libsoup