Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013007)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013007 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013407 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure sndnxt is properly initialized on connect Christoph reported a splat hinting at a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010968)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010968 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013146)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013146 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: tpmvtpmproxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before...

CVE-2026-33145

A flaw was found in xrdp. An authenticated remote user can exploit this vulnerability due to the unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled, xrdp executes client-supplied AlternateShell values via /bin/sh -c during session...

ROS-20260420-73-0018

A vulnerability in the CMS message handler of the OpenSSL cryptographic library is related to writing outside buffer boundaries when processing an initialization vector. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted packets...

PT-2026-33703

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial factory-default configuration, the device can be configured with the null string password...

Insecure Default Initialization of Resource

Overview @openclaw/feishu is an OpenClaw Feishu/Lark channel plugin community maintained by @m1heng Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via improper validation of the encryptKey configuration and blank callback tokens. An attacker can ga...

DEBIAN-CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

CVE-2026-33145 xrdp: Authenticated RCE via unsanitized AlternateShell execution in xrdp-sesman

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

OESA-2026-1947 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007364 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00probeone There is a memory leak reported by kmemleak:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007309 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007251 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9kwmieventtasklet until init is complete The ath9kwmieventtasklet us...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007473)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007473 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007461 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of thi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007229 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program...