AMD: CVE-2025-54518 CPU OP Cache Corruption

This vulnerability was found and addressed by AMD. We are documenting it in the Security Update Guide to encourage customers to install the May 2026 version of Windows as soon as possible. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for thi...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

Copy.Fail Linux Vulnerability

This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kernel crypto API AFALG sockets plus splice to write four bytes at a time straigh...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

CLSA-2026-1778573628 dovecot: Fix of 2 CVEs

CVE-2026-27855: use translated username in authcacheremove to prevent OTP authentication replay attack - CVE-2026-27856: use timing-safe credential comparison in doveadm HTTP and TCP authentication paths...

CVE-2026-40044

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

CVE-2026-45321

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself...

Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow...

CVE-2026-45321

CVE-2026-45321 is a real npm supply-chain attack affecting 42 TanStack packages where 84 malicious releases were published within ~6 minutes using a legitimate GitHub Actions OIDC trusted-publisher binding. The malicious router_init.js payload exfiltrated credentials (GitHub tokens, cloud keys, S...

CVE-2026-45321 Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself...

PT-2026-39905

Name of the Vulnerable Software and Affected Versions TanStack packages affected versions not specified Description A supply chain attack known as Mini Shai-Hulud targeted 42 @tanstack/ packages, resulting in the publication of 84 malicious versions to the npm registry. The attacker gained...

Micronaut Framework 资源管理错误漏洞

The Micronaut Framework is a modern full-stack Java framework based on the JVM, developed by the Micronaut Foundation. Versions of the Micronaut Framework prior to 4.10.22 contained a resource management vulnerability. This vulnerability stemmed from the use of unbounded caching in the bundleCach...

PT-2026-40778

Name of the Vulnerable Software and Affected Versions Zen 2-based products affected versions not specified Description A flaw in the CPU operation op/µop cache allows for the execution of incorrect instructions at a higher privilege level, which can lead to an elevation of privilege affecting the...

AMD EPYC Processor 安全漏洞

The AMD EPYC Processor is a series of multi-core processors developed by American semiconductor company AMD. There is a security vulnerability in the AMD EPYC Processor. This vulnerability arises from improper isolation of shared resources in the CPU operation cache on Zen 2-based products...

CPU OP Cache Corruption

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54518| Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

CVE-2026-43877

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not...