January 24, 2026—KB5078131 (OS Build 17763.8281) Out-of-band

January 24, 2026—KB5078131 OS Build 17763.8281 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business device...

CVE-2026-22989

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

CVE-2026-22989

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

CVE-2026-22989

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

CVE-2026-22989 nfsd: check that server is running in unlock_filesystem

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

CVE-2025-71153

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix memory leak in getfileallinfo In getfileallinfo, if vfsgetattr fails, the function returns immediately without freeing the allocated filename, leading to a memory leak. Fix this by freeing the filename before returning...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004865)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004865 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the testnosharedqgroup and...

Linux Distros Unpatched Vulnerability : CVE-2026-22980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed -...

CVE-2026-22278

Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37742)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37742 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap...

Azure Linux 3.0 Security Update: kernel (CVE-2024-41076)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41076 advisory. - In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57892)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57892 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49859)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49859 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check atomicfile in f2fs...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49996 advisory. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing N...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57940)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57940 advisory. - In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21673)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21673 advisory. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of...

CVE-2021-47874

VFS for Git 1.0.21014.1 contains an unquoted service path vulnerability in the GVFS.Service Windows service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem...

EUVD-2026-3595

Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS...

Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS

TITLE: Race Condition in node-tar Path Reservations via Unicode Sharp-S ß Collisions on macOS APFS AUTHOR: Tomás Illuminati Details A race condition vulnerability exists in node-tar v7.5.3 this is to an incomplete handling of Unicode path collisions in the path-reservations system. On...

PT-2026-3826

VFS for Git 1.0.21014.1 contains an unquoted service path vulnerability in the GVFS.Service Windows service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem...