PT-2026-46247

Name of the Vulnerable Software and Affected Versions GNCC GP5 version 7.1.76 Description A lack of runtime integrity allows physically-proximate attackers to bypass file system read-only protections. This enables the modification of system files and binaries for the duration of a boot session...

CVE-2026-44917

OpenStack Ironic (prior to 35.0.2) is vulnerable to an information-disclosure issue where a malicious authenticated project admin or manager can read local files on the Ironic conductor via a pxe_template. This CVE is documented across multiple sources (OpenStack Ironic, Debian tracker, CVE lists...

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

CVE-2026-10152

A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.java of the component book Endpoint. The manipulation results in improper access controls. The attac...

CVE-2026-46249

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

CVE-2026-46249 octeontx2-af: Fix PF driver crash with kexec kernel booting

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

EUVD-2026-34111

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

CVE-2026-24090

Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

PT-2026-46066

Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to 35.0.2 Description An issue allows Boot Script Injection of an iPXE script, which is a network boot firmware used to boot computers from a network. This occurs if an attacker is able to set the node.driver in...

CVE-2026-46447

OpenStack Ironic

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. OpenStack Ironic versions 35.0.x and earlier contain security vulnerabilities, which stem from a vulnerability that allo...

Security Advisory 0140

Security Advisory 0140 PDF Date: June 3, 2026 Revision | Date | Changes ---|---|--- 1.0 | June 3, 2026 | Initial release The CVE-ID tracking this issue: CVE-2026-10040 CVSSv3.1 Base Score: 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSSv4.0 Base Score: 6.8...

Linux Distros Unpatched Vulnerability : CVE-2026-46447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo. CVE-2026-46447 Note...

Spring Boot: Spring Boot: Weak pseudo-random number generation can lead to information disclosure.

A flaw was found in Spring Boot. The $random.value property source utilizes a weak pseudo-random number generator PRNG, meaning the values it produces are not sufficiently random for use as cryptographic secrets. An attacker could potentially predict these values, which may lead to information...

Important: Red Hat Security Advisory: Red Hat Data Grid 8.6.1 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

EUVD-2026-33847

Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...

CicadasCMS 代码注入漏洞

CicadasCMS is a content management framework developed by the Chinese individual developer westboy, based on SpringBoot, Mybatis, SpringSecurity, and Vue. CicadasCMS has a code injection vulnerability, which stems from an unknown function issue in the task scheduling management module, specifical...