1397 matches found
Important: dnsmasq
Issue Overview: A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet. CVE-2026-4892 An information disclosure vulnerability in dnsmasq allows remote attackers to...
PT-2026-42117
Name of the Vulnerable Software and Affected Versions haveged affected versions not specified Description A privilege escalation issue exists via the command socket. The software verifies the connecting peer's user ID using SO PEERCRED and sends a NAK response to non-root callers. However,...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
🔴 CVE-2026-31431 — Copy Fail : Répertoire de Prévention É...
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation LPE vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia , the security...
PT-2026-48611
Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A local privilege escalation issue exists in FreeBSD kTLS-RX. The flaw allows a local user to overwrite files they have read access to by utilizing in-place AES-GCM decryption over sendfile2...
CVE-2026-4892
A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...
Exploit for Write-what-where Condition in Linux Linux_Kernel
Dirty Frag check CVE-2026-43284 / CVE-2026-43500 Read-only...
Unity Linux 20.1070e Security Update: aide (UTSA-2026-017376)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017376 advisory. AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buff...
Exploit for Write-what-where Condition in Linux Linux_Kernel
Dirty Frag Technical Analysis CVE-2026-43284 xfrm-ESP / C...
About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) vulnerability
About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" CVE-2026-43284, CVE-2026-43500 vulnerability. According to information from researcher Hyunwoo Kim @v4bel, Dirty Frag is a vulnerability a class of vulnerabilities that allows a local unprivileged attacker to obtain root...
Security Advisory 0138
Security Advisory 0138 PDF Date: May 8, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 8, 2026 | Initial release 1.1 | May 18, 2026 | Updated affected products and added mitigation section The CVE-ID’s tracking this issue: CVE-2026-43284, and CVE-2026-43500. Description Arista Networks is...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CopyFail2 CVE-2026-31431 - Python Implementation Python por...
Security Advisory 0136
Security Advisory 0136 PDF Date: May 1, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 1, 2026 | Initial release 1.1 | May 7, 2026 | Additional required configuration for exploitation information added 1.2 | May 11, 2026 | Advisory updated with additional mitigations. The CVE-ID tracking th...
Exploit for CVE-2026-31431
Copy Fail PoC English Python PoC for CVE-2026-31431,...
Exploit for CVE-2026-31431
CVE-2026-31431 — Copy Vulnerability Linux Kernel Page Cache...
OpenClaw: Webchat audio embedding could read local files without local-root containment
Impact OpenClaw deployments before 2026.4.15 could embed host-local audio files into webchat responses without applying the local media root containment check used by other media-serving paths. If an attacker could influence an agent or tool-produced ReplyPayload.mediaUrl, the webchat audio...
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.
...
CVE-2026-41366
OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...
EUVD-2026-25946
OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...
CVE-2026-41366
OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...