Buffer overflows continue to produce critical security flaws across major software platforms, with recent CVEs affecting NGINX, PAN-OS, OpenSSL, and VoIP devices. Security teams are racing to patch heap- and stack-based overflows that enable remote code execution and denial-of-service attacks.
· ExecuTorch faces a heap-based buffer overflow vulnerability tracked as CVE-2025-54951
· NGINX addresses a critical heap buffer overflow in CVE-2026-42945
· Grandstream GXP1600 VoIP phones patched for unauthenticated stack buffer overflow attack
· PAN-OS buffer overflow vulnerability actively exploited in the wild
· OpenSSL vulnerability chains buffer overflow to remote code execution and denial-of-service
drawn from Endor Labs, latesthackingnews.com, Akamai, Rapid7 · updated 3d ago