CVE-2025-71304

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Cyclic allocation of msgid to avoid reuse. Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed, resulting in a hung task, as shown below: t1 | t2 | t3...

UBUNTU-CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

EUVD-2026-9497

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

CVE-2026-0924 BuhoCleaner 1.15.2 - Local Privilege Escalation via PID reuse attack

BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2...

EUVD-2026-5109

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

PT-2026-5658

Name of the Vulnerable Software and Affected Versions Native Access affected versions not specified Description The XPC service within Native Access’s privileged helper is susceptible to a security issue. The service utilizes the process ID PID of connecting clients to validate code signatures,...

Native Instruments Native Access 安全漏洞

Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access. This vulnerability stems from the Privilege Assistant XPC service using client PID for verifying code...

CVE-2023-29147

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier...

CVE-2025-6515

The CVE concerns oatpp-mcp’s MCP SSE endpoint, where a session ID is derived from an instance pointer instead of a unique, cryptographically secure value. This enables a network attacker with access to the oatpp-mcp server to predict/guess future session IDs, hijack legitimate MCP sessions, and c...

CVE-2025-4644

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token JWT, and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

GHSA-26RV-H2HF-3FW4 Payload's SQLite adapter Session Fixation vulnerability

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token JWT, and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

Payload's SQLite adapter Session Fixation vulnerability

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token JWT, and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

CVE-2025-4644

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token JWT, and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

CVE-2025-4644 User Session Fixation after Account Removal in PayloadCMS

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token JWT, and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

CVE-2025-4644

CVE-2025-4644 describes a Session Fixation vulnerability in Payload’s SQLite adapter where an attacker could trigger identifier reuse during account creation. The attacker could create an account, store its JWT, delete the account, and later a new user would receive the same identifier, enabling ...

Payload 授权问题漏洞

Payload is a Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Payload suffers from an authorization issue vulnerability that stems from SQLite adapters reusing identifiers during account creation, which could lead to a session fixation attack...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of msgid after maliciously completing a reopen request, which could result in a read request being...

CVE-2023-29147

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier...