
22933 matches found

Cvelist
added 2026/03/18 5:1 p.m., 16 views

CVE-2026-23251 xfs: only call xf{array,blob}_destroy if we have a valid pointer

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer. Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of...

EPSS 0.00017
Exploits: 0, References: 4
OSV
added 2026/03/18 11:16 a.m., 6 views

UBUNTU-CVE-2025-71265

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata. We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite lo...

CVSS 5.5, AI score 5.7, EPSS 0.00018
Exploits: 0, References: 10
OSV
added 2026/03/18 11:15 a.m., 3 views

CLSA-2026-1773832495 Fix of 114 CVEs

CVE-2023-53515 - virtio-mmio: don't break lifecycle of vm_dev; CVE-2025-39967 - fbcon: fix integer overflow in fbcon_do_set_font; CVE-2025-39967 - fbcon: Fix OOB access in font allocation; CVE-2025-38702 - fbdev: fix potential buffer overflow in do_register_framebuffer...

CVSS 7.8, AI score 7.1, EPSS 0.00097
Exploits: 0, References: 1
OSV
added 2026/03/18 10:5 a.m., 1 view

CVE-2025-71266 fs: ntfs3: check return value of indx_find to avoid infinite loop

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop. We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed dentry in the ntfs3 filesystem can cause the...

CVSS 5.5, AI score 5.7, EPSS 0.00018
Exploits: 0, References: 10
CVE
added 2026/03/18 10:5 a.m., 8 views

CVE-2025-71265

CVE-2025-71265 affects the Linux kernel ntfs3 attribute run parsing. A malformed NTFS image could trigger an infinite loop in attr_load_runs_range when an empty run list is claimed but data is expected, due to the code path leaving runs_tree uninitialized (runs NULL) after a successful return fro...

CVSS 5.5, AI score 5.6, EPSS 0.00018
Exploits: 0, References: 7, Affected Software: 1
Veracode
added 2026/03/18 7:27 a.m., 4 views

Arbitrary File Read

github.com/kedacore/keda is vulnerable to Arbitrary File Read. The vulnerability is due to insufficient path validation when loading the Service Account Token from spec.hashiCorpVault.credential.serviceAccount, which allows an attacker with permission to create or modify a TriggerAuthentication...

CVSS 8.2, AI score 7.4, EPSS 0.0019
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2026/03/18 2:16 a.m., 0 views

CVE-2026-27545

OpenClaw versions prior to 2026.2.26 contain an approval bypass vulnerability in system.run execution that allows attackers to execute commands from unintended filesystem locations by rebinding writable parent symlinks in the current working directory after approval. An attacker can modify mutabl...

CVSS 4.7, AI score 6.1
Exploits: 0, References: 7
ATTACKERKB
added 2026/03/18 1:34 a.m., 2 views

CVE-2026-27545

OpenClaw versions prior to 2026.2.26 contain an approval bypass vulnerability in system.run execution that allows attackers to execute commands from unintended filesystem locations by rebinding writable parent symlinks in the current working directory after approval. An attacker can modify mutabl...

CVSS 6.9, AI score 6.1, EPSS 0.00028
Exploits: 0, References: 8
Cvelist
added 2026/03/18 1:34 a.m., 22 views

CVE-2026-27545 OpenClaw < 2026.2.26 - Approval Bypass via Parent Symlink Current Working Directory Rebind

OpenClaw versions prior to 2026.2.26 contain an approval bypass vulnerability in system.run execution that allows attackers to execute commands from unintended filesystem locations by rebinding writable parent symlinks in the current working directory after approval. An attacker can modify mutabl...

CVSS 6.9, EPSS 0.00028
Exploits: 0, References: 7
Tenable Nessus
added 2026/03/18 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes. During SPO tests, when mounting F2FS, an -EINVAL erro...

CVSS 5.5, AI score 5.7, EPSS 0.00018
Exploits: 0, References: 3
Positive Technologies
added 2026/03/18 12:0 a.m., 3 views

PT-2026-26075

Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVSS 4.3, AI score 5.8, EPSS 0.0004
Exploits: 0, References: 6
OSV
added 2026/03/17 1:27 p.m., 2 views

OPENSUSE-SU-2026:20373-1 Security update for python-Django

This update for python-Django fixes the following issues: Changes in python-Django: - CVE-2026-25674: Fixed race condition which can lead to potential incorrect permissions on newly created file system objects (bsc#1259142)...

CVSS 3.7, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2
Tenable Nessus
added 2026/03/17 12:0 a.m., 8 views

EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2026-1433)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: tcp_bpf: Call sk_msg_free when tcp_bpf_send_verdict fails to allocate psock->cork. (CVE-2025-39913) md: fix rcu protection in...

CVSS 7.8, AI score 6.7, EPSS 0.03752
Exploits: 22, References: 497
Vulnrichment
added 2026/03/16 6:57 p.m., 2 views

CVE-2026-32262 Craft CMS has a Path Traversal Vulnerability in AssetsController

Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController->replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before...

CVSS 5.3, AI score 5.8, EPSS 0.0004
Exploits: 0, References: 2
CVE
added 2026/03/16 6:57 p.m., 5 views

CVE-2026-32262

Craft CMS is affected by a path traversal vulnerability (CVE-2026-32262) where AssetsController->replaceFile() uses an unsanitized targetFilename in deleteFile() before Assets::prepareAssetName() on save. An authenticated user with replaceFiles permission can delete arbitrary files on the same...

CVSS 5.3, AI score 5.8, EPSS 0.0004
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2026/03/16 6:57 p.m., 3 views

CVE-2026-32262 Craft CMS has a Path Traversal Vulnerability in AssetsController

Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController->replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before...

CVSS 5.3, AI score 5.9, EPSS 0.0004
Exploits: 0, References: 4
Cvelist
added 2026/03/16 6:57 p.m., 19 views

CVE-2026-32262 Craft CMS has a Path Traversal Vulnerability in AssetsController

Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController->replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before...

CVSS 5.3, EPSS 0.0004
Exploits: 0, References: 2
Github Security Blog
added 2026/03/16 6:46 p.m., 5 views

SiYuan globalCopyFiles: incomplete sensitive path blocklist allows reading /proc and Docker secrets

Summary: POST /api/file/globalCopyFiles reads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin can copy /proc/1/environ or Docker secrets into the workspace an...

CVSS 6.8, AI score 5.9, EPSS 0.00095
Exploits: 1, References: 5, Affected Software: 1
Github Security Blog
added 2026/03/16 6:11 p.m., 6 views

Craft CMS has a Path Traversal Vulnerability in AssetsController

The AssetsController->replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before Assets::prepareAssetName is applied on save. This allows an authenticated user with replaceFiles permission to delete arbitrary files within the same filesystem root by...

CVSS 5.3, AI score 5.9, EPSS 0.0004
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2026/03/16 6:11 p.m., 2 views

GHSA-472V-J2G4-G9H2 Craft CMS has a Path Traversal Vulnerability in AssetsController

The AssetsController->replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before Assets::prepareAssetName is applied on save. This allows an authenticated user with replaceFiles permission to delete arbitrary files within the same filesystem root by...

CVSS 5.3, AI score 5.9, EPSS 0.0004
Exploits: 0, References: 4