31597 matches found
CVE-2026-50742
creationtimestamp| type| source ---|---|--- 2026-06-26 03:01:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp5xd2fdsk2b 2026-06-29 21:52:56+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphhxli3am2b...
SUSE CVE-2026-53214
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...
CVE-2026-53263
A flaw was found in the Linux kernel's 6lowpan component. An off-by-one error during multicast context address compression can lead to the transmission of uninitialized kernel stack memory over the network. This vulnerability results in information disclosure, potentially allowing an attacker to...
CVE-2026-13318
A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...
PT-2026-52949
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the soc/tegra: cbb component where a kernel page fault occurs during cross-fabric target timeout lookups. When a fabric receives an error interrupt that originated on ...
SUSE SLES15 Security Update : nodejs24 (SUSE-SU-2026:2633-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2633-1 advisory. This update for nodejs24 fixes the following issues Update to 24.17.0: - CVE-2026-2581: undici: Undici: Denial of Service due to...
CVE-2026-53224
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...
CVE-2026-53221
A flaw was found in the Linux kernel, specifically within the ip6vti component responsible for managing IPv6 tunnels. This vulnerability arises from an error in the vti6tnllookup function, which incorrectly matches network tunnels by failing to properly verify wildcard addresses during fallback...
CVE-2026-53006
A flaw was found in the Linux kernel's IPv6 Internet Protocol version 6 implementation. This vulnerability, a Use-After-Free UAF error, occurs due to incorrect caching of network packet addresses before a memory operation. An attacker could potentially exploit this flaw to cause memory corruption...
EUVD-2026-31398
golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement...
GHSA-X527-X647-Q7GG golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...
golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...
DEBIAN-CVE-2026-7532
iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...
CVE-2026-7532
CVE-2026-7532 describes an IP address name constraints bypass in WolfSSL when WOLFSSL_IP_ALT_NAME is not defined. In this configuration, IP address name constraints are not enforced, allowing a certificate to bypass an issuing CA’s IP address constraints. This affects WolfSSL deployments that rel...
CVE-2026-7532 iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined
iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...
CVE-2026-7532
iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...
CVE-2026-7532
iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...
GO-2026-5244 Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes in github.com/gotenberg/gotenberg
Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes in github.com/gotenberg/gotenberg...
CVE-2026-53047
A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...
CVE-2026-53000
A flaw was found in the Linux kernel's netfilter component, specifically within the Network Address Translation NAT subsystem. This vulnerability involves improper memory management when releasing network filter operation structures. This could potentially allow an attacker to cause a system cras...