Lucene search

6108 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 6 views

Astra Linux - vulnerability in firefox

A race condition involving requestPointerLock and setTimeout could have allowed a user to interact with one tab while believing they were on a different tab. Combined with certain elements such as , this could lead to an attack where the user became confused about the origin of the webpage and...

3.1 CVSS | 6.8 AI score | 0.00605 EPSS
Exploits: 0 | References: 1
AstraLinux
added 2026/05/20 5:53 a.m. | 7 views

Astra Linux - vulnerability in linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: Verify that the extended element ID is present. Before attempting to parse an extended element, ensure that the extended element ID is present...

5.5 CVSS | 6 AI score | 0.00222 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in webkit2gtk

A use-after-free vulnerability exists in the SVG implementation in Blink, as used in Google Chrome before version 35.0.1916.114. This vulnerability allows remote attackers to cause a denial of service or potentially cause unspecified other impacts through vectors that trigger the removal of an...

7.5 CVSS | 7.2 AI score | 0.01667 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 8 views

Astra Linux - vulnerability in zabbix

A stored XSS vulnerability has been detected in the Zabbix web application, specifically in the Maps element, when a URL field contains spaces before the URL...

7.6 CVSS | 5.9 AI score | 0.00595 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux - vulnerability in firefox

The element could have been manipulated to display content outside of a sandboxed iframe. This could allow untrusted content to be displayed under the guise of trusted content. This vulnerability affects Firefox versions earlier than 121...

6.5 CVSS | 6.8 AI score | 0.00555 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux – Vulnerability in xmltooling

Shibboleth XMLTooling before version 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allowed SSRF through a specially crafted KeyInfo element. This issue has been fixed, for example, in Shibboleth Service Provider 3.4.1.3 on Windows...

7.5 CVSS | 7.7 AI score | 0.0275 EPSS
Exploits: 3 | References: 1
AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux - vulnerability in linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mISDN: fixed a possible memory leak in mISDN_dsp_element_register(). After commit 1fa5ae857bb1 "driver core: remove the struct device’s bus_id string array", the name of the device is allocated dynamically. Use put_device() to relea...

5.5 CVSS | 6.3 AI score | 0.0016 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: hp-bioscfg: Fixed out-of-bounds array access issues during ACPI package parsing. The hp_populate_*_elements_from_package() functions in the hp-bioscfg driver contain vulnerabilities related to out-of-bounds array access...

7.1 CVSS | 5.8 AI score | 0.00117 EPSS
Exploits: 0 | References: 1
AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in linux-5.10, linux

An issue was discovered in the Linux kernel before version 6.0.11. Missing offset validation in the drivers/net/wireless/microchip/wilc1000/hif.c file, within the WILC1000 wireless driver, can lead to an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netli...

7.1 CVSS | 6.6 AI score | 0.00307 EPSS
Exploits: 0 | References: 2
RedHat Linux
added 2026/05/19 1:29 p.m. | 6 views

freerdp: FreeRDP heap-buffer-overflow

A heap-based buffer overflow flaw has been discovered in FreeRDP. In affected versions, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndr_read_uint8Array...

9.8 CVSS | 5.9 AI score | 0.00485 EPSS
Exploits: 1 | References: 6
NVD
added 2026/05/19 10:16 a.m. | 13 views

CVE-2026-46725

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS | 0.01562 EPSS
Exploits: 1 | References: 1
ATTACKERKB
added 2026/05/19 9:25 a.m. | 9 views

CVE-2026-46725

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS | 5.8 AI score | 0.01562 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2026/05/19 9:25 a.m. | 8 views

CVE-2026-46725 Remote Code Execution in extension "Content Element Selector" (ceselector)

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS | 5.8 AI score | 0.01562 EPSS
Exploits: 1 | References: 1
CVE
added 2026/05/19 9:25 a.m. | 18 views

CVE-2026-46725

The CVE-2026-46725 vulnerability affects the TYPO3 extension Content Element Selector (ceselector). The issue arises when an attacker-controlled cookie is passed directly to PHP unserialize() without safe input handling, enabling PHP Object Injection that can lead to Remote Code Execution on the ...

9.2 CVSS | 5.8 AI score | 0.01562 EPSS
Exploits: 1 | References: 1
Cvelist
added 2026/05/19 9:25 a.m. | 41 views

CVE-2026-46725 Remote Code Execution in extension "Content Element Selector" (ceselector)

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS | 0.01562 EPSS
Exploits: 1 | References: 1
RedHat Linux
added 2026/05/19 9:4 a.m. | 9 views

kernel: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem(). bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_lookup_percpu_elem() will not be inlined. Using...

5.5 CVSS | 6.2 AI score | 0.00147 EPSS
Exploits: 0 | References: 5
OSSF Malicious Packages
added 2026/05/19 12:0 a.m. | 16 views

Malicious code in @antv/g6-element (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 4
CNNVD
added 2026/05/19 12:0 a.m. | 10 views

TYPO3 Extension Content Element Selector code issue vulnerability

TYPO3 Extension Content Element Selector is an open-source extension for TYPO3 that allows users to select content elements. This extension has a code vulnerability that stems from the extension directly passing cookies controlled by the attacker to the PHP’s unserialize function without proper...

9.2 CVSS | 6.1 AI score | 0.01562 EPSS
Exploits: 1 | References: 1
Positive Technologies
added 2026/05/19 12:0 a.m. | 6 views

PT-2026-41886

Name of the Vulnerable Software and Affected Versions: Qt Qt Framework Unix (affected versions not specified). Description: An Uncontrolled Search Path Element issue in the OpenSSL TLS backend of Qt Network qtbase allows a local attacker to load a rogue CA certificate as a trusted system authority. Th...

1.8 CVSS | 5.4 AI score | 0.00083 EPSS
Exploits: 0 | References: 20
OSV
added 2026/05/19 12:0 a.m. | 3 views

MAL-2026-3987 Malicious code in @antv/g6-element (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 4