CVE-2026-55706

sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...

CVE-2026-48059

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

CVE-2026-45416

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2400)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is...

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7939-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7939-2 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwee...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-8412-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8412-1 advisory. Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly...

ROS-20260611-73-0039

The vulnerability of the Linux operating system’s network protocol implementation is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...

CVE-2026-52758 Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in BSim Search

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

EUVD-2026-36017

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

PT-2026-48418

Name of the Vulnerable Software and Affected Versions Ghidra versions prior to 12.1 Description BSim filter types concatenate user-supplied values directly into SQL queries without escaping or parameterization. This allows remote attackers to inject arbitrary SQL via the BSim network query protoc...

CVE-2026-42915

Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally...

CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability

...

EUVD-2026-35727

Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...

CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability

...

PT-2026-47894

Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description An incorrect calculation of buffer size in the TCP/IP stack allows an authorized attacker to cause a denial-of-service condition over an adjacent network. Recommendations At the moment...

📄 Samba SMB Printer Queue Command Injection / Remote Task Delivery

This Python script is a structured exploitation framework targeting Samba print services exposed over SMB port 445. It focuses on printer-share interaction, payload delivery testing, and command execution workflows through manipulated print job submissions. It's written to target versions 4.22.10...

SUSE-SU-2026:21943-1 Security update for busybox

This update for busybox fixes the following issue - CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client bsc1263989...

batman-adv: stop caching unowned originator pointers in BAT IV

...

CVE-2026-46227

CVE-2026-46227 describes a race in the Linux kernel SCTP SENDALL path. The sctp_sendmsg() loop over ep-&gt;asocs caches the next entry in @tmp, then calls sctp_sendmsg_to_asoc() after dropping the socket lock, allowing a second thread to peel off the cached association and migrate it to a new end...

CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...