EUVD-2026-1095

An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker may influence the application to load a DLL from an attacker-controlled location, potentially resulting in arbitrary code execution. Refer to the ' Security Update for MyASUS' section on the ASUS...

EUVD-2026-1056

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479...

EUVD-2026-1050

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677...

EUVD-2026-1053

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685...

EUVD-2026-0975

In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720...

EUVD-2026-0954

In mminfra, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267349; Issue ID: MSV-5033...

EUVD-2026-0968

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533...

EUVD-2026-0976

In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

EUVD-2026-1099

EUVD-2026-1099...

EUVD-2026-0877

Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Follow My Blog Post: from n/a through 2.4.0...

EUVD-2026-0879

Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCommerce allows Retrieve Embedded Sensitive Data.This issue affects Wallet System for WooCommerce: from n/a through 2.7.2...

EUVD-2026-0867

Insertion of Sensitive Information Into Sent Data vulnerability in Awethemes AweBooking allows Retrieve Embedded Sensitive Data.This issue affects AweBooking: from n/a through 3.2.26...

EUVD-2026-0882

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd In mt7615mcuwtblstaadd, an skb sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing sskb, leading to a...

EUVD-2026-0888

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

EUVD-2026-0891

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly handle return of sgnentsforlen The return value of sgnentsforlen was assigned to an unsigned long in starfivehashdigest, causing negative error codes to be converted to large positive integers. Add...

EUVD-2026-0889

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180initrxring In rtl8180initrxring, memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously successful allocations are not freed...

EUVD-2026-0883

In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...

EUVD-2026-0896

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

EUVD-2026-0894

In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptpclocksettime assumes every ptpclock has implemented settime64. Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050bbe63 "gve: Implement...

EUVD-2026-0892

In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpuvstl A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on value of 'index'...