792 matches found
CLEANSTART-2026-MP82813 Security fixes for CVE-2026-33186, CVE-2026-39882, CVE-2026-39883, CVE-2026-40179, ghsa-mqqf-5wvp-8fh8 applied in versions: 1.21.0-r0, 1.21.0-r1
Multiple security vulnerabilities affect the cortex package. These issues are resolved in later releases. See references for individual vulnerability details...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: Errata: Add a workaround for speculative unprivileged loads on Cortex-A520. Implement the workaround according to erratum 2966298 for ARM Cortex-A520. On an affected Cortex-A520 core, a speculative unprivileged load may le...
Astra Linux - уязвимость в linux, linux-5.10
Certain Arm Cortex and Neoverse processors, as of 2022-03-08, do not properly prevent cache speculation, also known as Spectre-BHB. Attackers can exploit the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. As a result, cache allocation may allow attacker...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
OESA-2026-2074 llvm security update
LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...
OESA-2026-2073 llvm security update
LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...
OESA-2026-2072 llvm security update
LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...
0xpwn (>=0.1.0 <=0.1.1), a-mem (>=0.1.0 <=0.2.6) +2369 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)
litellm PYPI version =1.81.16, =0.1.0, =0.1.0, =0.3.0, =0.1.3, =0.0.4, =0.1.0, =0.0.1a0, =0.2.2, =0.2.1, =0.2.0, =0.6.1 - acatome-mcp =0.2.1 - acceldata-aio-tracer =0.1.0.dev1 and more Source cves: CVE-2026-42208 Source advisory: SNYK:PYTHON-LITELLM-16300164...
PT-2026-35055
Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.8.0 through 4.10 Description An integer underflow occurs in the emsa pkcs1 v1 5 encode function within the core/drivers/crypto/crypto api/acipher/rsassa.c file. The issue arises when calculating the padding size PS size by...
OESA-2026-1968 llvm security update
LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...
EUVD-2026-23292
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...
CVE-2026-6442
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...
CVE-2026-6442 Improper Command Detection Logic Allows RCE in Cortex Code Command-Line Interface
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...
CVE-2026-6442
CVE-2026-6442 concerns Snowflake Cortex Code CLI prior to version 1.0.25, where improper validation of bash commands allows embedding crafted content to cause the CLI agent to execute arbitrary code outside the sandbox. The NVD/CVE records describe this as a local RCE risk with non-deterministic ...
CVE-2026-6442 Improper Command Detection Logic Allows RCE in Cortex Code Command-Line Interface
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...
PT-2026-33357
Name of the Vulnerable Software and Affected Versions Snowflake Cortex Code CLI versions prior to 1.0.25 Description Improper validation of bash commands allows subsequent commands to execute outside the sandbox. An attacker can embed specially crafted commands in untrusted content, such as a...
Snowflake Cortex Code CLI 安全漏洞
Snowflake Cortex Code CLI is an open-source command-line development tool provided by Snowflake. Versions of Snowflake Cortex Code CLI prior to 1.0.25 contained security vulnerabilities. These vulnerabilities were due to improper validation of bash commands, which could allow attackers to execute...
CVE-2026-0234
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources...
EUVD-2026-21895
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection...
CVE-2026-0234
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources...