CVE-2025-14341

creationtimestamp| type| source ---|---|--- 2026-05-07 16:54:03+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mlbokdfb3v2e 2026-05-07 17:09:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlbpgsdmla2z...

Microsoft Team Events Portal Information Disclosure Vulnerability

Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network...

CVE-2025-1978

creationtimestamp| type| source ---|---|--- 2026-05-07 11:09:55+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mlb3cyfts22f 2026-05-07 11:25:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlb46drpmy2o 2026-05-07 21:53:41+00:00| seen|...

SUSE CVE-2026-43110

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmffwehhandleifevent validates the firmware-provided interface index before it touches drvr-iflist, but it still uses the raw bsscfgidx field as an array index without a...

CVE-2026-43265

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for x86 architectures. A local user or a malicious guest operating system could manipulate the virtual CPU vCPU state by injecting events while the vCPU is in a blocking state. This could lead to a spurious exit to userspace,...

CVE-2026-43534

OpenClaw before 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply malicious hook names to escalate untrusted input into higher-trust agent context...

CVE-2026-43578 OpenClaw 2026.3.31 < 2026.4.10 - Privilege Escalation via Missed Async Exec Completion Events in Heartbeat Owner Downgrade

OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged contex...

CVE-2026-43578

OpenClaw 2026.3.31 before 2026.4.10 is affected by a privilege-escalation vulnerability in which heartbeat owner downgrade detection misses local background async exec completion events. Attackers can provide untrusted completion content to leave a run in a more privileged context than intended. ...

CVE-2026-43578 OpenClaw 2026.3.31 < 2026.4.10 - Privilege Escalation via Missed Async Exec Completion Events in Heartbeat Owner Downgrade

OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged contex...

CVE-2026-41506 vulnerabilities

Vulnerabilities for packages: kubescape-server, gomplate, pulumi-kubernetes-operator, flux-image-automation-controller-fips, gitlab-rails-ce-fips, trivy, trivy-fips, gitea-fips, rancher-fleet-fips, syft-fips, zarf-fips, witness, grafana-alloy, flux-source-controller-fips, nemo, grype-db,...

CVE-2026-20185

creationtimestamp| type| source ---|---|--- 2026-05-06 17:22:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml77ngnlrb2r 2026-05-06 17:22:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml77osaodu2t 2026-05-07 00:53:19+00:00| seen|...

CVE-2026-43110

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

EUVD-2026-27662

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

EUVD-2026-27630

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmffwehhandleifevent validates the firmware-provided interface index before it touches drvr-iflist, but it still uses the raw bsscfgidx field as an array index without a...

CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

CVE-2026-43265 KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

CVE-2026-43265

CVE-2026-43265 affects the Linux kernel KVM for x86. The vulnerability arises when a vCPU is put into a blocking state with an already-injected event or nested run, allowing a user or guest to manipulate vCPU state and trigger a spurious userspace exit (often KVM_EXIT_UNKNOWN) that could crash th...

CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

CVE-2026-43107

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...