PT-2026-32347

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the fw classify function when an empty cls fw filter is attached to a shared block and a packet with a nonzero major skb mark is classified. This...

RLSA-2026:6036 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in...

VulnHawk

🛡️ VulnHawk — OWASP Top 10 Web Vulnerability Scanner...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

A Binary Classifier-Based Wire Resistance Attack on the KLJN Secure Key Exchanger

The statistical fluctuations of the mean-square noise voltages measured at Alice's and Bob's ends in the KLJN scheme are used to implement a binary classifier for a new type of wire resistance-based attack. The data are plotted on a two-dimensional graph, where the x- and y- axes represent the...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the insufficient validation provided by the clsu32 classifier using the skbheaderpointer function,...

Linux Distros Unpatched Vulnerability : CVE-2026-23204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Ki...

CVE-2025-68119 vulnerabilities

Vulnerabilities for packages: spire-controller-manager, timescaledb-tune, sftpgo-plugin-pubsub, ini-file, octo-sts, kubernetes-event-exporter, crossplane-provider-aws-kinesis, sftpgo-plugin-auth, vault-k8s, cass-operator, clickhouse-operator, stakater-reloader, kserve-modelmesh-serving, sonobuoy,...

GHSA-CM6P-QC7V-M3JW vulnerabilities

Vulnerabilities for packages: spire-controller-manager, timescaledb-tune, sftpgo-plugin-pubsub, ini-file, octo-sts, kubernetes-event-exporter, crossplane-provider-aws-kinesis, sftpgo-plugin-auth, vault-k8s, cass-operator, clickhouse-operator, stakater-reloader, kserve-modelmesh-serving, sonobuoy,...

GHSA-XVQR-69V8-F3GV vulnerabilities

Vulnerabilities for packages: k8s-metacollector, kube-oidc-proxy, kuberay-operator-fips, k8sgateway, amazon-vpc-cni-plugins-fips, amazon-cloudwatch-agent-operator-fips, cadvisor-fips, regclient-fips, knative-operator-fips, spegel-fips, cass-operator-fips, prometheus-blackbox-exporter, go-licenses...

CVE-2025-68119 vulnerabilities

Vulnerabilities for packages: k8s-metacollector, kube-oidc-proxy, kuberay-operator-fips, k8sgateway, amazon-vpc-cni-plugins-fips, amazon-cloudwatch-agent-operator-fips, cadvisor-fips, regclient-fips, knative-operator-fips, spegel-fips, cass-operator-fips, prometheus-blackbox-exporter, go-licenses...

Many Hands Make Light Work: An LLM-Based Multi-Agent System for Detecting Malicious PyPI Packages

Malicious code in open-source repositories such as PyPI poses a growing threat to software supply chains. Traditional rule-based tools often overlook the semantic patterns in source code that are crucial for identifying adversarial components. Large language models LLMs show promise for software...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004445 advisory. A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification...

Behavioral Analytics for Continuous Insider Threat Detection in Zero-Trust Architectures

Insider threats are a particularly tricky cybersecurity issue, especially in zero-trust architectures ZTA where implicit trust is removed. Although the rule of thumb is never trust, always verify, attackers can still use legitimate credentials and impersonate the standard user activity. In...

PT-2026-8212

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the networking scheduler cls u32 where the skb header pointer function does not fully validate negative offset values. This can lead to...

CVE-2025-13708 Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

Tencent NeuralNLP-NeuralClassifier loadcheckpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent NeuralNLP-NeuralClassifier. User interaction is required to exploit th...

LLM-Based Vulnerable Code Augmentation: Generate or Refactor?

Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented CWEs. In this context, we investigate LLM-based augmentation for...

Improving the Identification of Real-World Malware's DNS Covert Channels Using Locality Sensitive Hashing

Nowadays, malware increasingly uses DNS-based covert channels in order to evade detection and maintain stealthy communication with its command-and-control servers. While prior work has focused on detecting such activity, identifying specific malware families and their behaviors from captured...

Synthetic Data: AI'S New Weapon against Android Malware

The ever-increasing number of Android devices and the accelerated evolution of malware, reaching over 35 million samples by 2024, highlight the critical importance of effective detection methods. Attackers are now using Artificial Intelligence to create sophisticated malware variations that can...