RockyLinux 10 : corosync (RLSA-2026:19043)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19043 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via intege...

[SECURITY] [DLA 4608-1] corosync security update

Debian LTS Advisory DLA-4608-1 [email protected] https://www.debian.org/lts/security/ Emmanuel Arias May 30, 2026 https://wiki.debian.org/LTS Package : corosync Version : 3.1.2-2+deb11u2 CVE ID : CVE-2026-35091 CVE-2026-35092 Debian Bug : 1133837 1133838 Two vulnerabilities have been...

OESA-2026-2494 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2 f...

EUVD-2026-33066

Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.0.15 contain an out-of-bounds read vulnerability in the Command ID 30 UDP packet handler that allows remote attackers to crash the application by sending a specially crafted UDP packet. Attackers can send a malformed...

CVE-2026-39929 Lakeside SysTrack Agent LsiAgent.exe Out-of-Bounds Read via UDP

Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.0.15 contain an out-of-bounds read vulnerability in the Command ID 30 UDP packet handler that allows remote attackers to crash the application by sending a specially crafted UDP packet. Attackers can send a malformed...

CVE-2026-39929

CVE-2026-39929 concerns Lakeside SysTrack Agent prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15, where the out-of-bounds read occurs in the UDP Command ID 30 packet handler. The root cause is an invalid memory access triggered by a malformed UDP packet at offset 0x4 in the payload, leadin...

Lakeside SysTrack Agent 代码问题漏洞

Lakeside SysTrack Agent is a proxy component developed by Lakeside Corporation in the United States, used for collecting performance data from terminal devices and user experience metrics. There is a code vulnerability in Lakeside SysTrack Agent, which stems from an out-of-bounds read in the...

PT-2026-44541

Name of the Vulnerable Software and Affected Versions Lakeside SysTrack Agent versions prior to 11.2.1.28 Lakeside SysTrack Agent versions prior to 11.3.0.38 Lakeside SysTrack Agent versions prior to 11.4.0.24 Lakeside SysTrack Agent versions prior to 11.5.0.15 Description An out-of-bounds read...

EUVD-2026-32325

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

PT-2026-43726

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F GSO' capability flag and a gso packet with an unconfirmed nf conn entry is...

CentOS 9 : kernel-5.14.0-708.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-708.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks...

UBUNTU-CVE-2026-48683

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflowplugin/netflowv9collector.cpp, the Data template branch lines 1695-1702 iterates over flow records without performing a per-iteration bounds check agains...

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVE-2026-48132

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...

CVE-2026-9395

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...

SUSE-SU-2026:2071-1 Security update for samba

This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. - CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. - CVE-2026-4480: Unauthenticated...

CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

PT-2026-43271

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An out-of-bounds read exists in the NetFlow v9 options template parser. In the process netflow v9 options template function, the scope parsing loop iterates until scopes offset...