CVE-2026-31945 LibreChat Server-Side Request Forgery using DNS resolution
LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery (SSRF) attack when using agent actions or MCP. Although a previous SSRF vulnerability...
PT-2026-28430
Name of the Vulnerable Software and Affected Versions: LibreChat versions 0.8.2-rc2 through 0.8.2. Description: LibreChat, a ChatGPT clone with additional features, has a server-side request forgery (SSRF) issue in versions 0.8.2-rc2 through 0.8.2 when utilizing agent actions or MCP. A prior SSRF fix...
LibreChat Code Issue Vulnerability
LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within a single interface. Versions of LibreChat from 0.8.2-rc2 to 0.8.2 contain code vulnerabilities. These vulnerabilities stem from...
Ella Core has a Denial of Service via SCTP connection cleanup deadlock
Summary: A deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. Impact: An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers. Fix: Add deferred Radio cleanu...
FreeBSD Security Advisory - FreeBSD-SA-26:06.tcp
FreeBSD Security Advisory - When a challenge ACK is to be sent, tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent, the function returns and leaks the mbuf...
FreeBSD : FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak) (7aa913e9-28d1-11f1-b35e-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7aa913e9-28d1-11f1-b35e-bc241121aa0a advisory. When a challenge ACK is to be sent, tcp_respond() constructs and sends the challenge ACK and consumes the...
PT-2026-28218
On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...
FreeBSD-SA-26:06.tcp
FreeBSD-SA-26:06.tcp Security Advisory, The FreeBSD Project. Topic: TCP: remotely exploitable DoS vector (mbuf leak). Category: core. Module: tcp. Announced: 2026-03-26. Credits:...
SUSE CVE-2026-23302
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP an...
CVE-2026-20086
Cisco IOS XE Wireless Controller Software (Catalyst CW9800 Family) is affected by a DoS vulnerability in CAPWAP packet processing. An unauthenticated, remote attacker can send a malformed CAPWAP packet to trigger an unexpected device reload, resulting in service disruption. Root cause: improper h...
EUVD-2026-15238
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP an...
CVE-2026-23302
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP an...
UBUNTU-CVE-2026-23302
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP an...
CVE-2026-23302 net: annotate data-races around sk->sk_{data_ready,write_space}
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP an...
CVE-2026-23302
Summary (CVE-2026-23302): The Linux kernel patch resolves a data-race in data-path pointers sk->sk_data_ready and sk->sk_write_space, where skmsg and possibly other layers could modify these pointers while others may read them concurrently. The fix adds corresponding READ_ONCE()/WRITE_ONCE(...
CVE-2026-23302 net: annotate data-races around sk->sk_{data_ready,write_space}
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_ONCE() annotations for UDP, TCP an...
kernel: sctp: avoid NULL dereference when chunk data buffer is missing
In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk->skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk->skb can only be NULL if chunk->head_skb is not. Check for frag_list instead...
Linux Distros Unpatched Vulnerability : CVE-2026-23302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: annotate data-races around sk->sk_{data_ready,write_space} skmsg and probably other layers are changing these pointers while other cpus might read them...
FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak)
Problem Description: When a challenge ACK is to be sent, tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent, the function returns and leaks the mbuf. Impact: If an attacker is either on path with an established TCP...
CVE-2026-32946
A flaw was found in Harden-Runner, a security agent for GitHub Actions runners. An attacker with existing code execution capabilities within a GitHub Actions workflow can bypass network egress policies, which are security measures designed to control outbound network connections. This bypass occu...