EUVD-2026-35278

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

PT-2026-47758

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun xdp one tun xdp one returns -EINVAL on a frame shorter than ETH HLEN without freeing the page that vhost net build xdp allocated for it. tun sendmsg discards that -EINVAL and still...

PT-2026-47754

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested mmus array behind mmu lock kvm-arch.nested mmus is walked under kvm-mmu lock, including from the MMU notifier path kvm unmap gfn range - kvm nested s2 unmap, which can run at any time. kvm vcpu init...

PT-2026-47786

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additional step beyond setting the rlimit. Refactor the code so its clear when what code is setting the limit and conditionally update the posix cpu timers wh...

Linux Distros Unpatched Vulnerability : CVE-2026-46317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange -...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50305)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50305 advisory. - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017590 CVE-2025-10263 - net: skbuff: propagate shared-frag marker through...

PT-2026-48018

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A use after free issue in the Windows Kernel allows an unauthorized attacker to execute code remotely over a network. This flaw enables remote, unauthenticated code execution at...

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

UBUNTU-CVE-2026-46297

In the Linux kernel, the following vulnerability has been resolved: net: libwx: use requestirq for VF misc interrupt Currently, requestthreadedirq is used with a primary handler but a NULL threaded handler, while also setting the IRQFONESHOT flag. This specific combination triggers a WARNING sinc...

Linux Distros Unpatched Vulnerability : CVE-2026-46296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the...

UBUNTU-CVE-2026-46319

net/sched: actct: Only release RCU read lock after ctft...

UBUNTU-CVE-2026-46279

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

PT-2026-47906

Name of the Vulnerable Software and Affected Versions Windows NT OS Kernel affected versions not specified Description An integer underflow wrap or wraparound in the Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. This issue enables a user with a local foothold t...

UBUNTU-CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

PT-2026-47783

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE SIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGE SIZE. The core issue is that rxe set page is call...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50306)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50306 advisory. - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017592 CVE-2025-10263 - ptrace: slightly saner 'getdumpable' logic Linus...

PT-2026-47989

Access of resource using incompatible type 'type confusion' in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...

PT-2026-47784

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi transfer struct initialisation Make sure that the spi transfer struct is zeroed out before use...

PT-2026-47756

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the act ct component of the Linux kernel. The problem occurs in the tcf ct flow table get function when looking up a flow table. The function...

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different fr...