Lucene search
K

10165 matches found

Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53221 ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix incorrect tunnel matching in vti6tnllookup In vti6tnllookup, when an exact match for a tunnel fails, the code falls back to searching for wildcard tunnels: - Tunnels matching the packet's local address, with any remot...

9.8CVSS0.00559EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39305

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...

5.8AI score0.00122EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 6:40 a.m.11 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 12:7 a.m.7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.4 views

The vulnerability of the `ip6_err_gen_icmpv6_unreach()` function in the `net/ipv6/icmp.c` module of the Linux operating system allows a attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ip6errgenicmpv6unreach function in the net/ipv6/icmp.c module of the Linux operating system is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause...

10CVSS6.2AI score0.00255EPSS
Exploits0References13Affected Software3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We onl...

9.8CVSS5.6AI score0.00377EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/06/25 12:0 a.m.8 views

Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

AlmaLinux 9 : buildah (ALSA-2026:29455)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29455 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...

9.1CVSS6.9AI score0.00728EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

RockyLinux 10 : skopeo (RLSA-2026:29035)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:29035 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References9
OSV
OSV
added 2026/06/25 12:0 a.m.5 views

ALSA-2026:29703 Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.12.92 (RHSA-2026:26527)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26527 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...

10CVSS7AI score0.01945EPSS
Exploits3References12
AlmaLinux
AlmaLinux
added 2026/06/25 12:0 a.m.7 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 7:41 p.m.21 views

CVE-2026-47389 Mastodon: SSRF protection bypass on older Ruby versions

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older than 3.4, PrivateAddressCheck.privateaddress? returns false for IPv4-mapped IPv6 addresses ::ffff:a.b.c.d corresponding to some private IPv4 addresses,...

8.6CVSS0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 7:39 p.m.15 views

CVE-2026-46348 Mastodon: SSRF Bypass via IPv6 Unspecified Address (::)

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, the list of disallowed IP address ranges was lacking an IP address range that can be used to reach local IP addresses. An attacker can use an IP address in the affected range to make...

8.7CVSS0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 7:39 p.m.33 views

CVE-2026-46348

CVE-2026-46348 affects Mastodon servers prior to 4.5.10, 4.4.17, and 4.3.23. The issue stems from the disallowed IP range list lacking an IPv6 unspecified address (::), allowing an attacker to induce HTTP requests to loopback interfaces and potentially access private resources and services. Impac...

8.7CVSS5.9AI score0.00337EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/24 7:30 p.m.5 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38880

In the Linux kernel, the following vulnerability has been resolved: nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all groups containing this nexthop is not updated. This is because...

5.7AI score0.00185EPSS
Exploits0References9
CVE
CVE
added 2026/06/24 6:10 p.m.7 views

CVE-2026-53944

Affected software: Ghost CMS (Node.js) versions 6.0.9 through 6.21.1. Vulnerability: When Ghost makes an external request, an IPv6 literal can map to a private IPv4 address, bypassing the internal IP filter and potentially reaching internal services. Root cause: IP-filter bypass via IPv6-to-IPv4 ...

5.8CVSS5.9AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.31 views

CVE-2026-53070 sctp: disable BH before calling udp_tunnel_xmit_skb()

In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...

7.5CVSS0.0035EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.12 views

CVE-2026-53012

CVE-2026-53012 : In the Linux kernel, a race/logic error allows IPv6 routes to reference an IPv4 nexthop because the has_v4 flag in groups is not updated when the nexthop family changes from AF_INET6 to AF_INET. The issue occurs when an IPv6 nexthop is replaced with an IPv4 nexthop and the has_v4...

5.7AI score0.00185EPSS
Exploits0References8
Rows per page
Query Builder