Linux Distros Unpatched Vulnerability : CVE-2026-43369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to...

Google Chrome < 148.0.7778.178 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 148.0.7778.178. It is, therefore, affected by multiple vulnerabilities as referenced in the 202605stable-channel-update-for-desktop0841193308 advisory. - Use after free in DOM in Google Chrome on prior to 148.0.7778.179...

USN-8277-1 linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8277-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

EUVD-2026-30917

Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

PT-2026-42241

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.179 Description An out of bounds read in the GPU component allows a remote attacker to potentially exploit heap corruption through the use of a crafted HTML page. Heap corruption occurs when a program...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.179, there was a resource management vulnerability that stemmed from the reuse of GPU resources after they were released. This vulnerability could allow remote attackers to execute arbitrary code within a...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a buffer overflow vulnerability, which was caused by GPU out-of-bound reads. This vulnerability could allow remote attackers to obtain sensitive information from process memory...

Malicious code in @antv/layout-gpu (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Security Bulletin: NVIDIA GPU Display Drivers - May 2026

NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...

Stable Channel Update for Desktop

The Stable channel has been updated to 148.0.7778.178/179 for Windows/Mac and 148.0.7778.178 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

MAL-2026-4057 Malicious code in @antv/layout-gpu (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

@antv/g6 (>=5.0.0-alpha.1 <=5.0.0-beta.28) potentially affected by unknown CVE via @antv/layout-gpu (=1.1.7)

@antv/layout-gpu NPM version =1.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/layout-gpu and may be impacted: - @antv/g6 =5.0.0-alpha.1, =5.0.0-beta.28 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVLAYOUTGPU-16754486...

SUSE CVE-2026-8546

Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-8552

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-8571

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Chromium: CVE-2026-8581 Use after free in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-8553 Use after free in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-8546 Out of bounds read in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-8538 Insufficient validation of untrusted input in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...