CVE-2026-31564

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvmeiointcregsaccess In function kvmeiointcregsaccess, the register base address is caculated from array base address plus offset, the offset is absolute value from the base address...

CVE-2026-31564

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvmeiointcregsaccess In function kvmeiointcregsaccess, the register base address is caculated from array base address plus offset, the offset is absolute value from the base address...

CVE-2026-31564 LoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvmeiointcregsaccess In function kvmeiointcregsaccess, the register base address is caculated from array base address plus offset, the offset is absolute value from the base address...

EUVD-2026-25457

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvmeiointcregsaccess In function kvmeiointcregsaccess, the register base address is caculated from array base address plus offset, the offset is absolute value from the base address...

CVE-2026-31564

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvmeiointcregsaccess In function kvmeiointcregsaccess, the register base address is caculated from array base address plus offset, the offset is absolute value from the base address...

CVE-2026-31564

CVE-2026-31564 (LoongArch KVM) : The Linux kernel fix addresses a faulty address calculation in the LoongArch KVM implementation, specifically in kvm_eiointc_regs_access(). The code previously derived the register base address by adding an offset to an array base address treated as a u64, which c...

org.apache.dolphinscheduler:dolphinscheduler-alert-server (>=3.2.1 <=3.3.0-alpha), org.apache.dolphinscheduler:dolphinscheduler-extract-alert (>=3.2.1 <=3.3.0-alpha) +13 more potentially affected by CVE-2025-62233 via org.apache.dolphinscheduler:dolphinscheduler-extract-base (>=3.2.1 <=3.3.0-alpha)

org.apache.dolphinscheduler:dolphinscheduler-extract-base MAVEN version =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.3.0-alpha - o...

PT-2026-34916

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvm eiointc regs access In function kvm eiointc regs access, the register base address is caculated from array base address plus offset, the offset is absolute value from the base...

TencentOS Server 3: 389-ds:1.4 (TSSA-2026:0243)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0243 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2026-41351 OpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via Base64 Signature Re-encoding

OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can re-encode Telnyx webhook signatures to bypass replay detection while maintaining valid signature...

CVE-2026-41351 OpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via Base64 Signature Re-encoding

OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can re-encode Telnyx webhook signatures to bypass replay detection while maintaining valid signature...

CVE-2026-41351

OpenClaw prior to version 2026.3.31 is affected by a replay-detection bypass in webhook signature handling. The vulnerability occurs because Base64 and Base64URL encoded signatures are treated as distinct requests, allowing an attacker to re-encode Telnyx webhook signatures to bypass replay prote...

SUSE-SU-2026:21317-1 Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issues: - CVE-2026-4046: Fixed assertion failure when converting inputs may be used to remotely crash an application bsc1261209 - Add support for live-patching the gconv modules sitting in glibc-locale-base or glibc-gconv-modules-extra package...

Important: Red Hat Security Advisory: Red Hat Update Infrastructure 5.1 security update

The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...

Linux Distros Unpatched Vulnerability : CVE-2026-6019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - http.cookies.Morsel.jsoutput returns an inline snippet and only escapes for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence...

CVE-2026-6019

http.cookies.Morsel.jsoutput returns an inline inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

@saltcorn/admin-models (>=1.5.0 <=1.5.0-rc.2), @saltcorn/base-plugin (>=1.5.0 <=1.5.0-rc.2) +5 more potentially affected by unknown CVE via @saltcorn/data (>=1.5.0-beta.0 <=1.5.0)

@saltcorn/data NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0-rc.2 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNDATA-16318351...

RHSA-2026:9488 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

Bulletin has no description...

RHSA-2026:9487 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

Bulletin has no description...

RHSA-2026:9447 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

Bulletin has no description...