CVE-2025-31974

HCL BigFix Service Management SM is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes...

CVE-2026-43154

A flaw was found in the Linux kernel's EROFS filesystem. Crafted EROFS images containing valid volume labels can trigger incorrect early returns during volume label handling, leading to folio reference leaks. This issue could potentially lead to minor resource exhaustion, but it does not cause...

CVE-2026-43153

A flaw was found in the Linux kernel's XFS filesystem. The xfsattrleafhasname function has a problematic calling convention that can lead to incorrect buffer handling. This issue can result in the use of already released memory buffers, potentially causing memory corruption or system instability....

EUVD-2026-27873

NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and content.files values or creati...

CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-31974 HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only

HCL BigFix Service Management SM is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes...

CVE-2026-43065

A flaw was found in the ext4 filesystem within the Linux kernel. When an ext4 filesystem is initially mounted with the 'discard' option and then remounted with 'nodiscard', pending discard operations may not be properly cancelled or flushed. This can lead to unhandled resource operations if the...

CVE-2026-7875

NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and...

CVE-2026-7875

NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup. A compromised or prompt-injected container can read files outside the intended outbox directory by supplying crafted messages_out.id and content.files values or by creating sym...

CVE-2026-43075

A flaw was found in the Linux kernel's ocfs2 filesystem component. This vulnerability allows a local attacker, by mounting a specially crafted and corrupted ocfs2 filesystem on a loop device, to trigger an out-of-bounds write. This occurs because the system incorrectly trusts the idcount field fr...

CVE-2026-43076

A flaw was found in the ocfs2 filesystem module of the Linux kernel. This vulnerability occurs when the system attempts to read an inode from a corrupted filesystem, where the inline data size is not properly validated. This can lead to a use-after-free condition, potentially allowing a local...

CVE-2026-43118

A flaw was found in the Linux kernel's Btrfs filesystem. When a file is truncated to zero size and then a hardlink is created, a power failure followed by log replay can cause the file to incorrectly retain its original size instead of being zero. This data integrity issue may lead to unexpected...

EUVD-2026-27770

In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...

EUVD-2025-209671

In the Linux kernel, the following vulnerability has been resolved: hfsplus: ensure sb-sfsinfo is always cleaned up When hfsplus was converted to the new mount api a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been...

CVE-2026-43228

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks In a06ec283e125 nextid, foldercount, and filecount in the super block info were expanded to 64 bits, and BUGONs were added to detect overflow. This triggered an error...

CVE-2026-43209

In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

CVE-2026-43153

In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a valid buffer when xfsattr3leaflookupint returns -ENOATTR or -EEXIST, and ...