Linux Distros Unpatched Vulnerability : CVE-2026-43356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: imu: adis: Fix NULL pointer dereference in adisinit The adisinit function dereferences adis-ops to check if the individual function pointers write, read,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021557)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021557 advisory. In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in killkprobe In killkprobe, the check whether...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021561 advisory. In the Linux kernel, the following vulnerability has been resolved: vme: Fix error not catched in fakeinit In fakeinit, rootdeviceregister is possible to fail but it...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021576)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021576 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix a null-ptr-deref in tipctopsrvaccept syzbot found a crash in tipctopsrvaccept: KASAN:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021559 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021610 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in applystateadjustrules Check the pointer value ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021584)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021584 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP or VSS daemon star...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021524)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021524 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report...

krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service DoS...

CLSA-2026-1779225366 libxml2: Fix of CVE-2022-2309

CVE-2022-2309: reset nsNr in xmlCtxtReset and htmlCtxtReset to prevent NULL pointer dereference / DoS triggered via crafted XML or HTML input reused across parser context resets...

NULL Pointer Dereference

Overview @haxtheweb/haxcms-nodejs is a HAXcms nodejs backend Affected versions of this package are vulnerable to NULL Pointer Dereference when an authenticated attacker sends a specially crafted site creation request to the createSite endpoint. A single request is sufficient to take the entire...

CVE-2026-7262

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

EUVD-2026-30965

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

CVE-2026-32134

CVE-2026-32134 affects NanoMQ subinfol is freed/NULL’d before restoration, and the transport iterates it without NULL checks. It is fixed in version 0.24.11; upgrade to that release or later to mitigate. No exploitation details are provided in the available documents.

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

OPENSUSE-SU-2026:20769-1 Security update for mozjs115

This update for mozjs115 fixes the following issues: Changes in mozjs115: - CVE-2026-32776: Fixed a NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728 - CVE-2026-32777: Fixed a denial of service due to infinite loop in DTD...

Advisory ROSA-SA-2026-3272

software: harfbuzz 7.0.1 OS: ROSA-CHROME unaffected versions = harfbuzz-7.0.1-3 affected versions harfbuzz-7.0.1-3 CVE-ID: CVE-2026-22693 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing vulnerability in HarfBuzz is related to a lack of validation of the hbmalloc return value...