Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013540 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its...

EUVD-2026-24199

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

CVE-2026-5652

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

CVE-2026-5652

CVE-2026-5652 affects Crafty Controller’s Users API component, enabling an authenticated remote attacker to perform user modification actions due to improper API permissions validation. Reported CVSS 3.1 base score 9.0 (CRITICAL) with network attack vector, low attack complexity, high confidentia...

CVE-2026-5652 Authorization Bypass Through User-Controlled Key in Crafty Controller

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

CVE-2026-5652

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

CVE-2026-40566

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery SSRF vulnerability in the IMAP/SMTP connection test functionality of FreeScout's MailboxesController. Three AJAX actions fetchtest line 731, sendtest line 682, and imapfolder...

Hardy Barth Salia EV Charge Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

CVE-2026-29647

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

CVE-2026-6383 vulnerabilities

Vulnerabilities for packages: virt-api-fips, virt-handler, virt-handler-fips, virt-controller, virt-operator, virt-api, virt-operator-fips, virt-controller-fips...

GHSA-J6CV-3W8P-VRG8 vulnerabilities

Vulnerabilities for packages: virt-api-fips, virt-handler, virt-handler-fips, virt-controller, virt-operator, virt-api, virt-operator-fips, virt-controller-fips...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the IMAP/SMTP connection testing functionality in t...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.215 contained security vulnerabilities. These vulnerabilities stemmed from the MailboxesController::updateSave function, which...

PT-2026-34013

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006949)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006949 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013335 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013185 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter B Generic UART in ARM Server...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011233 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013162 advisory. In the Linux kernel, the following vulnerability has been resolved: Revert mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K The commit 8396c793ffdf mmc:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010912)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010912 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the...