CLSA-2026-1773046198 kernel: Fix of 31 CVEs

smb3: fix for slab out of bounds on mount to ksmbd CVE-2025-38728 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - ALSA: usb-audio: Validate UAC3 power domain descriptors, too CVE-2025-38729 - net: atm: fix /proc/net/atm/lec handling CVE-2025-38180 - tcpbpf:...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-098 (ALASKERNEL-5.15-2026-098)

The version of kernel installed on the remote host is prior to 5.15.201-140.219. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-098 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in b...

RHEL 7 : kernel (RHSA-2026:3685)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3685 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory corruptio...

AegisUI: Behavioral Anomaly Detection for Structured User Interface Protocols in AI Agent Systems

AI agents that build user interfaces on the fly assembling buttons, forms, and data displays from structured protocol payloads are becoming common in production systems. The trouble is that a payload can pass every schema check and still trick a user: a button might say "View invoice" while its...

CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

RHEL 7 : kernel-rt (RHSA-2026:3634)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3634 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CVE-2026-0013

In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0013

The CVE-2026-0013 advisory describes a vulnerability in PickActivity.java where the setupLayout flow can allow a DocumentsUI app to start any activity, enabling local escalation of privilege via a confused deputy without user interaction. The description notes no explicit exploitation prerequisit...

EUVD-2026-9231

In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

RHEL 8 : kernel (RHSA-2026:3360)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3360 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: RDMA/core: Fix KASAN:...

RockyLinux 9 : kernel (RLSA-2026:2722)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2722 advisory. kernel: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans CVE-2023-53034 kernel: smc: Fix use-after-free in pnetfindbasendev CVE-2025-400...

CVE-2026-25930

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form LBF printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...

AlmaLinux 9 : kernel (ALSA-2026:2722)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2722 advisory. kernel: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans CVE-2023-53034 kernel: smc: Fix use-after-free in pnetfindbasendev CVE-2025-4006...

CVE-2026-25930

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form LBF printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

EUVD-2026-8717

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form LBF printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...

CVE-2026-25930 OpenEMR's Printable LBF Endpoint Leaks Arbitrary Patient Forms

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form LBF printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...

CVE-2026-25930

OpenEMR before version 8.0.0 is affected by a vulnerability in the Layout-Based Form (LBF) printable view: the request can supply formid and visitid/patientid without verifying that the form belongs to the authenticated user’s patient/encounter. An authenticated user with LBF access can enumerate...