Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007055)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007055 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be...

USN-8186-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006762)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006762 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be...

SUSE-SU-2026:21284-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-39753: gfs2: Set .migratefolio in gfs2rgrp,metaaops bsc1249590. - CVE-2025-39964: crypto: afalg - Disallow concurrent writes in afalgsendmsg bsc1251966. -...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-23950

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-23950. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-23950 DESCRIPTION: node-tar,a Tar for Node.js, has ...

USN-8116-1 linux-intel-iot-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM...

CVE-2026-32262

Craft CMS is a content management system CMS. From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController-replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before...

EUVD-2025-208407

By default, jailed processes cannot mount filesystems, including nullfs4. However, the allow.mount.nullfs option enables mounting nullfs filesystems, subject to privilege checks. If a privileged user within a jail is able to nullfs-mount directories, a limitation of the kernel's path lookup logic...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystemsfreezecallback The freezeallptr check in filesystemsfreezecallback introduced by commit a3f8f8662771 "power: always freeze efivarfs" is reverse which quite confusingly causes all file syste...

USN-8033-6: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

PT-2026-7017

Authentication Bypass by Alternate Name vulnerability in Apache Shiro. This issue affects Apache Shiro: before 2.0.7. Users are recommended to upgrade to version 2.0.7, which fixes the issue. The issue only effects static files. If static files are served from a case-insensitive filesystem, such ...

Unbreakable Enterprise kernel security update

5.15.0-316.196.4.2 - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added Sabrina Dubroca - usb: raw-gadget: cap rawio transfer length to KMALLOCMAXSIZE Gopi Krishna Menon - ext4: clear istateflags when alloc inode Haibo Chen - ext4: align max orphan file size wi...

USN-7988-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - NVME drivers; - File systems infrastructure; - Timer subsystem; - Memory management; - Packet...

kernel security update

3.10.0-1160.119.1.0.16 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 Orabug: 38790244 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 Orabug: 38790244 - iomap: iomap: fix memory corruption when recording CVE-2022-50406 Orabug: 38790244 - mm: fix zswap...

FreeBSD Security Advisory - FreeBSD-SA-26:02.jail

FreeBSD Security Advisory - By default, jailed processes cannot mount filesystems, including nullfs4. However, the allow.mount.nullfs option enables mounting nullfs filesystems, subject to privilege checks. If a privileged user within a jail is able to nullfs-mount directories, a limitation of th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005033)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005033 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, the...

CVE-2026-21930

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Filesystems. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes ...

CVE-2026-21942

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystems. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

EUVD-2026-3595

Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS...

EUVD-2026-3579

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Filesystems. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes ...