CVE-2026-31782

The CVE-2026-31782 entry describes a Linux kernel perf/x86 issue where an auto counter reload could group software events with the x86_hybrid_pmu inside intel_pmu_hw_config. A container_of operation in intel_pmu_set_acr_caused_constr (via the hybrid helper) could read memory out of bounds. The fi...

CVE-2026-31782 perf/x86: Fix potential bad container_of in intel_pmu_hw_config

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad containerof in intelpmuhwconfig Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86hybridpmu and a containerof operation in...

CVE-2026-31771

CVE-2026-31771 affects the Linux kernel Bluetooth HCI event handling. The vulnerability arose because hci_store_wake_reason() could be invoked before per-event payload length checks, potentially allowing a short HCI event frame to reach bacpy() prior to validation. The fix restructures wake-addre...

EUVD-2026-26544

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work for the given thermal zone, the canceldelayedworksync in...

WordPress Display Eventbrite Events plugin <= 6.1.10 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Display Eventbrite Events versions = 6.1.10...

WordPress Events Addon for Elementor plugin <= 2.2.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Events Addon for Elementor versions = 2.2.2...

PT-2026-36417

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container of in intel pmu hw config Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86 hybrid pmu and a container of operation i...

CVE-2018-25317

creationtimestamp| type| source ---|---|--- 2026-04-29 20:31:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknwyjsior2t 2026-04-29 21:03:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknyrpfdyv2n 2026-05-05 04:37:07+00:00| seen|...

CVE-2018-25316

creationtimestamp| type| source ---|---|--- 2026-04-29 20:27:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknwr3n25e2k 2026-04-29 20:58:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknyiqt73m2e 2026-05-04 20:07:07+00:00| seen|...

CVE-2018-25314

creationtimestamp| type| source ---|---|--- 2026-04-29 20:25:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknwnpzlsb2o 2026-04-29 20:39:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mknxfzyb4u2c...

CVE-2026-0204

creationtimestamp| type| source ---|---|--- 2026-04-29 19:01:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mknrwybg7h2w 2026-04-29 19:18:21+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mknsuzqutq2t 2026-04-30 06:01:26+00:00| seen|...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.13.1 Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and Spring WebFlux applications can result in disclosure of conten...

CVE-2026-41940

creationtimestamp| type| source ---|---|--- 2026-04-29 11:21:48+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/al26-008-vulnerability-affecting-cpanel-webhost-manager-whm-cve-2026-41940 2026-04-29 16:21:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkniz3woo32i 2026-04-2...

CVE-2026-7321

creationtimestamp| type| source ---|---|--- 2026-04-28 16:42:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkkzpt3i4w2n 2026-04-28 17:04:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkl2x5rxwl2r 2026-04-29 05:55:52+00:00| seen|...

Simplifying AWS defense with Microsoft Sentinel UEBA

In this article 1. Under the hood: The tables 2. Traditional vs. new approach 3. Real-world attack scenarios: Microsoft Sentinel UEBA in action 4. Practical implementation: Getting started 5. Limitations and constraints 6. From raw logs to behavioral context With the expansion of Microsoft Sentin...

CVE-2026-41362

OpenClaw versions 2026.2.19 before 2026.3.31 contain an improper cache isolation vulnerability in the Zalo webhook replay-dedupe mechanism that is shared across authenticated webhook targets. Attackers controlling one authenticated Zalo webhook path in multi-account deployments can suppress...

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to suppress legitimate events on different accounts by matching the eventname and messageid parameters...

OpenClaw has an unspecified vulnerability (CNVD-2026-19026)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to suppress legitimate events on different accounts by matching the eventname and messageid parameters...

CVE-2026-39491

creationtimestamp| type| source ---|---|--- 2026-04-27 06:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mkhh4z3mzy2c 2026-04-27 06:32:07+00:00| seen| https://bsky.app/profile/potato.software/post/3mkhh4zlgt525...

Linux Distros Unpatched Vulnerability : CVE-2026-31670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so...