PT-2026-6908

Name of the Vulnerable Software and Affected Versions Harden-Runner versions prior to 2.14.2 Description Harden-Runner, a CI/CD security agent functioning as an EDR for GitHub Actions runners, contained a security issue where outbound network connections could bypass audit logging. Specifically,...

CVE-2026-23072

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

UBUNTU-CVE-2026-23083

In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by fouudprecv nor "resubmit"-ted in ipprotocoldeliverrcu. Let's forbid 0 for...

CVE-2026-23048

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

CVE-2026-23048

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

CVE-2026-23048 udp: call skb_orphan() before skb_attempt_defer_free()

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

CVE-2026-23048

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

CVE-2026-23570

A missing validation of a user-controlled value in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged o...

CVE-2026-23567

An integer underflow in the UDP command handler of the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service service crash via...

CVE-2026-23564

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

CVE-2026-23570

A missing validation of a user-controlled value in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged o...

CVE-2026-23567 Integer underflow in Content Distribution Service UDP handler

An integer underflow in the UDP command handler of the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service service crash via...

CVE-2026-23567 Integer underflow in Content Distribution Service UDP handler

An integer underflow in the UDP command handler of the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service service crash via...

CVE-2026-23566 Log Injection in Content Distribution Service UDP Handler

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. Th...

CVE-2026-23566

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. Th...

PT-2026-5254

Name of the Vulnerable Software and Affected Versions TeamViewer DEX Client former 1E Client - Content Distribution Service versions prior to 26.1 Description An integer underflow exists in the UDP command handler of the Content Distribution Service NomadBranch.exe. This flaw allows a nearby...

TeamViewer DEX Client 安全漏洞

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. TeamViewer DEX Client prior to version 26.1 suffers from a buffer overflow vulnerability that stems from the Content Distribution Service's UDP command processor failing to correctly...

UBUNTU-CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

CVE-2026-22258

CVE-2026-22258 affects Suricata (IDS/IPS/NSM). Before versions 8.0.3 and 7.0.14, crafted DCERPC traffic can trigger unbounded buffering, causing memory exhaustion and process termination. While initially observed over UDP, TCP and SMB are also considered vulnerable; however, DCERPC/TCP defaults l...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005175)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005175 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanupbearer. syzkaller reported a use-after-free o...