CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

CVE-2025-65715

An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...

WordPress Open User Map plugin <= 1.4.16 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Open User Map versions = 1.4.16...

SUSE CVE-2026-23189

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

Code Runner 安全漏洞

Code Runner is a code execution tool developed by Jun Han. Version 0.12.2 of Code Runner has a security vulnerability, which stems from an issue with the code-runner.executorMap setting. This vulnerability could allow for the execution of arbitrary code...

PT-2026-8377

Smoothwall Express 3.1-SP4-polar-x86 64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payloa...

CVE-2025-65715

An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...

PT-2026-8354

Name of the Vulnerable Software and Affected Versions Code Runner versions prior to 0.12.2 Description A flaw exists in the code-runner.executorMap setting of the Code Runner extension for Visual Studio Code. This allows for the execution of arbitrary code when a specially crafted workspace is...

CVE-2025-65715

An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...

CVE-2025-65715

An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...

CVE-2026-1096

The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'latitude' and 'longitudinal' parameters of the 'googlemapview' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible f...

CVE-2026-23174

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

CVE-2026-23199

CVE-2026-23199 : In the Linux kernel, procfs could deadlock by fetching the optional build ID while holding the VMA lock. The fix changes PROCMAP_QUERY to obtain the optional build ID only after dropping mmap_lock or after acquiring the per-VMA lock used to guard the VMA, preventing the cross-loc...

CVE-2026-23189

CVE-2026-23189 concerns a NULL pointer dereference in ceph_mds_auth_match() within the CephFS kernel client. The patch reworks ceph_mdsmap_decode() and namespace_equals() so that ceph_mdsmap contains an extracted FS name (m_fs_name) and the code path uses this value for strict authorization check...

EUVD-2026-5854

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

CVE-2026-23189

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

CVE-2026-23189 ceph: fix NULL pointer dereference in ceph_mds_auth_match()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

CVE-2026-23189 ceph: fix NULL pointer dereference in ceph_mds_auth_match()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

CVE-2026-23174 nvme-pci: handle changing device dma map requirements

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

CVE-2026-23174

The CVE-2026-23174 entry concerns the Linux kernel nvme-pci subsystem. Root cause: dma_needs_unmap may switch from false to true during data-iterator mapping, and the nvme driver must preserve mapped DMA vectors for later unmapping. The fix is to allocate/unprepare storage for DMA vectors on dema...