Linux Distros Unpatched Vulnerability : CVE-2026-1035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Keycloak server during refresh token processing, specifically in the TokenManager class responsible for enforcing refresh token reuse...

ROS-20260203-73-0048

A vulnerability in the netfilter component of the Linux operating system kernel is related to simultaneous execution using a shared resource with improper synchronization. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cau...

CVE-2026-24040

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable text to store JavaScript content. When used in a concurrent environment e.g., a Node.js web server, this variable is shared across all requests. ...

CVE-2026-24040 jsPDF has a Shared State Race Condition in addJS Plugin

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable text to store JavaScript content. When used in a concurrent environment e.g., a Node.js web server, this variable is shared across all requests. ...

CVE-2026-24040

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable text to store JavaScript content. When used in a concurrent environment e.g., a Node.js web server, this variable is shared across all requests. ...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in the addJS function due to the use of a shared module-scoped variable for storing JavaScript content. An attacker can cause sensitive data intended for one user to be included in another user's PDF by making concurrent...

Race Condition

Overview jspdf is a PDF Document creation from JavaScript Affected versions of this package are vulnerable to Race Condition in the addJS function due to the use of a shared module-scoped variable for storing JavaScript content. An attacker can cause sensitive data intended for one user to be...

CVE-2025-47359

Memory Corruption when multiple threads simultaneously access a memory free API...

CVE-2025-47359 Use After Free in Secure Processor

Memory Corruption when multiple threads simultaneously access a memory free API...

EUVD-2025-206605

Memory Corruption when multiple threads simultaneously access a memory free API...

CVE-2025-47359

Technical details are not publicly available in the provided documents; monitor for updates.

kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.

A flaw was found in the Linux kernel. This use-after-free UAF vulnerability occurs in the procreaddirde function within the /proc filesystem. A local attacker with low privileges can exploit this by concurrently traversing specific directories while network devices are unregistered. This can lead...

kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation

A flaw was found in the Linux kernel's Squashfs filesystem. A local attacker can exploit this vulnerability by simultaneously mounting a Squashfs filesystem and issuing a specific input/output control ioctl command. This can lead to an incorrect block size calculation, causing a shift-out-of-boun...

kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.

A flaw was found in the Linux kernel. This use-after-free UAF vulnerability occurs in the procreaddirde function within the /proc filesystem. A local attacker with low privileges can exploit this by concurrently traversing specific directories while network devices are unregistered. This can lead...

PT-2026-5671

Memory Corruption when multiple threads simultaneously access a memory free API...

CVE-2020-36950

Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to crash the application by manipulating the 'range' parameter. Attackers can send simultaneous requests with an extremely high range value to overwhelm and crash the server...

kernel: net/mlx5e: Check for NOT_READY flag state after locking

A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...

CVE-2020-36950

Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to crash the application by manipulating the 'range' parameter. Attackers can send simultaneous requests with an extremely high range value to overwhelm and crash the server...

PT-2026-4929

Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to crash the application by manipulating the 'range' parameter. Attackers can send simultaneous requests with an extremely high range value to overwhelm and crash the server...

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...