1292 matches found
CVE-2026-46227
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
EUVD-2026-32854
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
CVE-2026-46227
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
CVE-2026-46227 sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control C2 channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since...
gimp: GIMP: Remote Code Execution via ANI File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a specially crafted ANI Animated Cursor file or visiting a malicious web page. This issue stems from an integer overflow during the parsing of ANI files, caused by insufficient validation of...
CLSA-2026-1777944852 vim: Fix of 2 CVEs
CVE-2021-3984: in findstartbrace misc1.c, when a found '' lies inside a comment, restore the full cursor position line and column instead of only the line so subsequent C-indent lookups stay within the line bounds. - CVE-2022-2571: in inscomplgetexp edit.c, when CONTADDING is active, only advance...
CVE-2026-7629
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has...
CVE-2026-7629 kleneway awesome-cursor-mpc-server Ccode-Review Tool codeReview.ts runCodeReviewTool command injection
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has...
CVE-2026-7629 kleneway awesome-cursor-mpc-server Ccode-Review Tool codeReview.ts runCodeReviewTool command injection
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has...
CVE-2026-7629
Vulnerability summary (CVE-2026-7629) : A flaw in the kleneway awesome-cursor-mpc-server (versions up to 2.0.1) affects the function runCodeReviewTool in src/tools/codeReview.ts, enabling remote command injection via manipulation. The exploit is reportedly published and could be used in the wild;...
CLSA-2026-1777542146 vim: Fix of 3 CVEs
CVE-2023-1170: at the end of doput ops.c, clamp the cursor column back to the line length and recompute coladd under virtualedit=all so a Visual block put past the new NUL no longer leaves the cursor pointing past end-of-line. - CVE-2023-1175: in opyank ops.c, when the yank starts inside a...
CLSA-2026-1777540266 vim: Fix of 10 CVEs
CVE-2022-2182: in doonecmd, after ";" sets curwin-wcursor.lnum to ea.line2, call checkcursor instead of checkcursorlnum so the column is validated too, and fall back to checkcursorcol when ea.line2 is zero, preventing read past end-of-line on ":0;'". - CVE-2022-2206: in checkshellsize, clamp...
Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds
PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws...
Cursor AI IDE vulnerability allows code execution via hidden Git hooks
Novee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011173)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011173 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...
OESA-2026-1956 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
OESA-2026-1955 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007349)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007349 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...
UBUNTU-CVE-2026-40917
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...