CVE-2026-53047

A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...

CVE-2026-53274

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...

CVE-2026-53126

A flaw was found in the Linux kernel's blk-cgroup component. This vulnerability occurs due to a missing disk reference release on an error path within the blkcgmaybethrottlecurrent function. When certain lookups or gets fail, the disk reference acquired is not properly freed. This oversight can...

CVE-2026-0064

In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-45169 Idira Privileged Access Manager (PAM) Self-Hosted Vault: Denial of Service due to Unexpected Input Processing

Idira Privileged Access Manager PAM Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnerability. Under specific circumstances and configuration scenarios, processing unexpected input could potentially lead to an unexpected service termination, resulti...

EUVD-2026-35685

Out-of-bounds read in Microsoft UxTheme Library uxtheme.dll allows an authorized attacker to deny service locally...

CVE-2026-20456

In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338...

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0069

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0060

Technical details about CVE-2026-0060 are not publicly available in the provided documents. No affected products, vectors, or mitigations are specified here. Monitor for updates as new information becomes available.

CVE-2026-0060

In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0070

In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the exhaustion of function resources in ubsanthrowingruntime.cpp. This vulnerability may lead to local persistent denial-of-service...

CVE-2025-71309

A flaw was found in the Linux kernel's ntfs3 filesystem driver. An issue with incorrect lock ordering between the inode mutex and page locks during compressed frame reading can lead to a deadlock. This vulnerability allows a local attacker to cause a system to hang, resulting in a Denial of Servi...

CVE-2026-46203

A flaw was found in the Linux kernel, specifically within the spi: cadence-quadspi driver. This vulnerability occurs when the controller is not properly runtime resumed before being disabled during driver unbind, leading to unclocked register access. A local attacker could potentially exploit thi...

CVE-2026-45852

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

Unity Linux 20.1060e / 20.1070e Security Update: spice-vdagent (UTSA-2026-016615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016615 advisory. A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in...

CVE-2026-36189

Buffer Overflow vulnerability in Uncrustify Project Affected v.Uncrustifyd-0.82.0-132-bcc41cbdc and Fixed in commit 68e67b9a1435a1bb173b106fedb4a4f510972bdc allows a local attacker to cause a denial of service via the checktemplate.cpp, checktemplate function, tokenizecleanup function, uncrustify...

CVE-2026-36189

Buffer Overflow vulnerability in Uncrustify Project Affected v.Uncrustifyd-0.82.0-132-bcc41cbdc and Fixed in commit 68e67b9a1435a1bb173b106fedb4a4f510972bdc allows a local attacker to cause a denial of service via the checktemplate.cpp, checktemplate function, tokenizecleanup function, uncrustify...

Astra Linux - уязвимость в mariadb-10.3

MariaDB Server before version 10.7 is vulnerable to Denial of Service attacks. In the file extra/mariabackup/dsxbstream.cc, when an error occurs e.g., streamctxt-destfile == NULL while executing the xbstreamopen method, the held lock is not released properly. This allows local users to trigger a...