CLSA-2026-1777742234 corosync: Fix of 2 CVEs

CVE-2026-35091: fix incorrect return value in checkmembcommittokensanity allowing DoS via crafted membcommittoken packet - CVE-2026-35092: fix integer overflow in checkmembjoinsanity allowing bypass of length validation via crafted membjoin packet...

CVE-2026-30363

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

Flipper Zero Firmware 安全漏洞

Flipper Zero Firmware is an open source firmware update and development tool for multifunctional devices from Flipper Devices. A security vulnerability exists in the Flipper Zero Firmware commit ad2a80 version, which originates from a stack overflow in the Main function...

EUVD-2026-26705

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

PT-2026-36534

Name of the Vulnerable Software and Affected Versions Flipperzero firmware affected versions not specified Description A stack overflow exists in the Main function, which allows attackers to execute arbitrary code. This issue is currently being exploited in real-world incidents. Recommendations A...

PT-2026-36516

Name of the Vulnerable Software and Affected Versions Open-SAE-J1939 versions prior to commit b6caf884df46435e539b1ecbf92b6c29b345bdfe Description A denial of service can be triggered via a crafted CAN frame on the J1939 bus within the SAE J1939 Read Binary Data Transfer DM16 function...

PT-2026-36509

Name of the Vulnerable Software and Affected Versions openxc/isotp-c versions prior to commit 5a5d19245f65189202719321facd49ce6f5d46ac Description An out-of-bounds read exists in the ISO-TP Single Frame receive handler. The issue occurs because the 4-bit payload length nibble is used directly as...

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the options.WithCommit process. An attacker can cause loss of data consistency by relying on the transaction commit flag without the transaction actually being committed. Workaround This...

GHSA-28XX-PPPM-VQFF ydb-go-sdk's transactions are not committed using the `options.WithCommit()` option on last call `table.Transaction.Execute` in transaction

Impact Transactions were NOT committed despite the explicit options.WithCommit flag using table service client. Because of this, clients did not commit changes to the transaction, relying on the fact that the transaction commit was successful. This led in rare cases to a loss of data consistency...

ydb-go-sdk's transactions are not committed using the `options.WithCommit()` option on last call `table.Transaction.Execute` in transaction

Impact Transactions were NOT committed despite the explicit options.WithCommit flag using table service client. Because of this, clients did not commit changes to the transaction, relying on the fact that the transaction commit was successful. This led in rare cases to a loss of data consistency...

CLSA-2026-1777546896 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

Linux Distros Unpatched Vulnerability : CVE-2026-39973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in...

EUVD-2026-26007

A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...

Linux Distros Unpatched Vulnerability : CVE-2026-31445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: avoid use of half-online-committed context One major usage of damoncall is online DAMON parameters update. It is done by calling damoncommitctx...

CVE-2026-30352

A remote code execution RCE vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter...

CVE-2026-30351

A path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files via sending crafted URL path containing traversal sequences...

CVE-2026-30350

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2026-41667

Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0...

CVE-2026-40448

Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0...