CVE-2026-11369 IDOR in Comment API Allows Cross-Process Comment Read and Write

The Comment API GET /api/Comment and POST /api/Comment in the affected application fails to perform authorization checks to verify that the requesting user has access to the object identified by the relatedObjectId. This Insecure Direct Object Reference IDOR vulnerability allows any authenticated...

CVE-2026-11369

The CVE-2026-11369 entry concerns an Insecure Direct Object Reference (IDOR) in the Comment API. The affected endpoints are GET /api/Comment and POST /api/Comment. The root cause is missing authorization checks to verify that a user has access to the object identified by relatedObjectId, allowing...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Fixed the issue where hugepmdunshare caused a race condition with GUP-fast. The hugepmdunshare function releases a reference to a page table that might have previously been shared across processes. This could...

GPUBreach: Privilege Escalation Attacks on GPUs Using Rowhammer

NVIDIA GPUs with GDDR memories have been shown susceptible to Rowhammer-based bit-flips, similar to CPUs. However, Rowhammer exploits on GPUs have been limited to injecting untargeted bit-flips in victim data like weights of machine learning models, to degrade model accuracy, unlike CPU exploits...

Astra Linux - уязвимость в php7.3

In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, various XML functions rely on the libxml global state to track configuration variables, such as whether external entities are loaded. This state is assumed to remain unchanged unless the user explicitly changes it by...

EUVD-2026-17484

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

Apple Multiple Products Improper Locking Vulnerability

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes...

VulnCheck KEV: CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpect...

RockyLinux 8 : firefox (RLSA-2025:18285)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:18285 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textur...

EUVD-2026-5109

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

MiracleLinux 7 : kernel-3.10.0-1160.99.1.el7 (AXSA:2023-6384:24)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6384:24 advisory. kernel: clsflower: out-of-bounds write in flsetgeneveopt CVE-2023-35788 hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted...

MiracleLinux 7 : linux-firmware-20200421-81.git78c0348.el7 (AXSA:2023-6589:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6589:09 advisory. hw amd: Return Address Predictor vulnerability leading to information disclosure CVE-2023-20569 hw: amd: Cross-Process Information Leak CVE-2023-205...

MiracleLinux 9 : linux-firmware-20230310-135.el9.ML.1 (AXSA:2023-6485:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6485:07 advisory. hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : linux-firmware-20230404-117.git2e92a49f.el8.ML.1 (AXSA:2023-6487:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6487:08 advisory. hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : thunderbird-140.4.0-2.el8_10.ML.1 (AXSA:2025-11006:25)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11006:25 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL...

Memory DisOrder: Memory Re-Orderings As a Timerless Side-Channel

To improve efficiency, nearly all parallel processing units CPUs and GPUs implement relaxed memory models in which memory operations may be re-ordered, i.e., executed out-of-order. Prior testing work in this area found that memory re-orderings are observed more frequently when other cores are...

Memory Re-orderings as a Timerless Side-channel

Summary Researchers have provided AMD with a paper titled “MEMORY DISORDER: Memory Re-orderings as a Timerless Side-channel” In this work, the authors introduced MEMORY DISORDER, a timerless side-channel attack that exploits memory re-orderings to infer activity on other processes. They showed th...

CVE-2025-14979

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...

PT-2026-1436

Name of the Vulnerable Software and Affected Versions AirVPN Eddie version 2.24.6 Description The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. Recommendations Update to a newer version that contains a fix for this...

CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpect...