This page collects WhisperX intelligence signals tagged #CVE-2026-27171. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
广泛使用的数据压缩库 zlib 曝出新的安全漏洞 CVE-2026-27171,该漏洞可能导致受影响系统出现CPU资源耗尽。漏洞根源在于 `crc32_combine64` 和 `crc32_combine_gen64` 函数中,`x2nmodp` 函数可能在一个没有终止条件的循环内执行右移操作。这意味着,在特定条件下,处理恶意构造的输入数据可能触发无限循环或极高的CPU占用,从而引发拒绝服务(DoS)风险。 该漏洞已在 zlib 1.3.2 版本中得到修复。维护者 Mark Adler 已在 GitHub 上提交了修复代码。所有依赖 zlib 进行数据压缩或校验和计算的软件项目,特别是那些处理不可信输入的网络服务、应用程序和嵌入...
A critical algorithmic vulnerability in the widely deployed zlib compression library has been identified, raising concerns across the technology sector. The flaw, tracked as CVE-2026-27171, resides in the crc32_combine64 and crc32_combine_gen64 functions, where the underlying x2nmodp helper routine contains a loop cons...