SUSE CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

CVE-2026-27671

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

CVE-2026-27671

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

EUVD-2026-35278

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

PT-2026-47758

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the tun xdp one function returns -EINVAL for frames shorter than ETH HLEN without freeing the page allocated by vhost net build xdp. Because...

PT-2026-47906

Name of the Vulnerable Software and Affected Versions Windows NT OS Kernel affected versions not specified Description An integer underflow wrap or wraparound in the Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. This issue enables a user with a local foothold t...

Linux Distros Unpatched Vulnerability : CVE-2026-46296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50305)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50305 advisory. - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017590 CVE-2025-10263 - net: skbuff: propagate shared-frag marker through...

PT-2026-47786

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additional step beyond setting the rlimit. Refactor the code so its clear when what code is setting the limit and conditionally update the posix cpu timers wh...

PT-2026-47754

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM arm64 component where the kvm-arch.nested mmus array is accessed under the kvm-mmu lock, including within the MMU notifier path via the functions kvm unmap gfn...

PT-2026-48018

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A use after free issue in the Windows Kernel allows an unauthorized attacker to execute code remotely over a network. This flaw enables remote, unauthenticated code execution at...

Linux Distros Unpatched Vulnerability : CVE-2026-46317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange -...

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

PT-2026-47989

Access of resource using incompatible type 'type confusion' in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...

PT-2026-47784

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi transfer struct initialisation Make sure that the spi transfer struct is zeroed out before use...

PT-2026-47699

DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability...

PT-2026-47783

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE SIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGE SIZE. The core issue is that rxe set page is call...

PT-2026-47756

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the act ct component of the Linux kernel. The problem occurs in the tcf ct flow table get function when looking up a flow table. The function...

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different fr...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50306)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50306 advisory. - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017592 CVE-2025-10263 - ptrace: slightly saner 'getdumpable' logic Linus...