Memory Safety
The latest Memory Safety coverage — news, analysis, and updates from the WindowsNews.AI desk.
CVE-2022-46456: Critical NASM Buffer Overflow Threatens Windows Development Security
A critical memory safety vulnerability in the Netwide Assembler (NASM) has exposed Windows developers and security professionals to potential exploitation, with CVE-2022-46456 revealing a global...
CVE-2022-48303: Patch GNU Tar Now to Stop Archive Extraction Crashes on Windows WSL
GNU Tar versions up to 1.34 carry a one-byte out-of-bounds read that can be triggered by a specially crafted archive—and even though the world’s Linux vendors patched it months ago, the utility...
Cryptographic library wolfSSL versions before 5.6.6 crash or leak memory via malformed TLS 1.3 packets.
A critical vulnerability in the widely-used wolfSSL cryptographic library, tracked as CVE-2024-0901, has exposed millions of devices and applications to potential denial-of-service attacks and memory...
Linux JFS CVE-2025-37742 Fix: How Memory Safety Patches Impact Windows Users
While Windows users might initially dismiss a Linux kernel vulnerability as irrelevant to their daily computing, the recent CVE-2025-37742 patch for the JFS filesystem reveals important...
Firefox 126 Closes Critical Remote Code Execution Holes in Older Browsers
Mozilla has shipped Firefox 126, a security patch that plugs multiple memory safety vulnerabilities in Firefox 125—flaws that could allow attackers to execute arbitrary code simply by luring a...
CVE-2025-57052: Critical cJSON Vulnerability Threatens Software Security - Patch Now
A newly discovered critical vulnerability in the widely used cJSON library, designated CVE-2025-57052, poses a significant security threat to countless applications and systems that rely on this...
Linux Kernel SMB Server Flaw CVE-2024-26811: A Critical Security Patch Analysis
A critical security vulnerability in the Linux kernel's in-kernel SMB server, designated CVE-2024-26811, was patched in April 2024, addressing a dangerous input-validation gap that could have allowed...
Delta ASDA-Soft CVE-2026-1361: Critical Stack Overflow Vulnerability Patched in Version 7.2.2.0
Delta Electronics has issued a critical security advisory for its ASDA-Soft industrial automation software, addressing a high-severity stack-based buffer overflow vulnerability designated as...
CVE-2026-1301: Critical Memory Safety Bug in Open62541 OPC UA Stack
A newly disclosed memory-safety vulnerability in the widely used open-source OPC UA stack open62541 has been flagged by U.S. cybersecurity authorities as a medium-severity threat that could...
Kernel Flaw Let Attackers Crash Ceph Clusters: Here’s the Fix (CVE-2025-68283)
On December 16, 2025, the Linux kernel maintainers committed a patch that neutralizes a serious vulnerability in the Ceph storage client. The fix, assigned CVE-2025-68283, eliminates a kernel panic...
CVE-2025-11961: Critical libpcap MAC Address Parsing Vulnerability Exposes Systems to Memory Corruption
A significant memory safety vulnerability has been discovered in libpcap, the foundational packet capture library used by network monitoring tools worldwide. Designated CVE-2025-11961, this critical...
CVE-2025-6270: Critical HDF5 Heap Overflow Threatens Scientific & Engineering Software
A critical memory-safety vulnerability, designated CVE-2025-6270, has been disclosed in the widely-used HDF5 data management library version 1.14.6, posing a significant risk to a vast ecosystem of...