CVE-2026-21253 Mailslot File System Elevation of Privilege Vulnerability

...

CVE-2026-21253 Mailslot File System Elevation of Privilege Vulnerability

...

CVE-2026-21253

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally...

CVE-2026-25992

SiYuan before 3.5.5 exposes a vulnerability in the /api/file/getFile endpoint: it uses case-sensitive equality checks to block access on case-insensitive file systems (e.g., Windows). An attacker can bypass restrictions via mixed-case paths and read protected configuration files. Impact is confid...

Mailslot File System Elevation of Privilege Vulnerability

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

[SECURITY] Fedora 43 Update: rust-btrd-0.5.3-12.fc43

The btrfs debugger...

File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL

Summary An authenticated user can bypass the application's "Disallow" file path rules by modifying the request URL. By adding multiple slashes e.g., //private/ to the path, the authorization check fails to match the rule, while the underlying filesystem resolves the path correctly, granting...

AlmaLinux 8 : kernel (ALSA-2026:2264)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2264 advisory. kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps CVE-2025-40170...

KLA90878 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface, obtain sensitive information, cause denial of service. Below is a...

PT-2026-7356

Name of the Vulnerable Software and Affected Versions Mailslot File System affected versions not specified Description A flaw exists in the Mailslot File System that could allow a local attacker to gain elevated privileges. The issue is a use-after-free condition. An attacker can exploit this to...

kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...

Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection

A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

RHEL 9 : kernel (RHSA-2026:2352)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2352 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: sched: schcake: add bounds...

CVE-2026-24928

Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

USN-8015-3 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...

USN-8015-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...

CVE-2026-24928

Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2026-24928

Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...