PT-2026-8213

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the smb2 open file function within the SMB/client component of the Linux kernel. The issue occurs when directories are exported as read-only, and a CIFS mount is...

CVE-2025-15132 ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open command injection

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-13706

Tencent PatrickStar mergecheckpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent PatrickStar. User interaction is required to exploit this vulnerability in that the...

kernel: kernfs: Fix UAF in polling when open file is released

A use-after-free race condition exists in the linux kernel such that When cgroup.pressure is disabled, it releases PSI triggers via cgroupfilerelease, Frees of-priv through kernfsdrainopenfiles leading to damage to the availability and integrity of the system...

JLSEC-2025-305 A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existen...

A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires permissions like /dev/null while specifying zones...

kernel: smb/client: fix memory leak in smb2_open_file()

A memory leak flaw was found in the Linux kernel's CIFS/SMB client. In the smb2openfile function, request buffers are not properly freed when performing direct I/O writes to a read-only SMB share. This causes slab cache objects to remain allocated, which can prevent the cifs module from unloading...

kernel: kernfs: Fix UAF in polling when open file is released

A use-after-free race condition exists in the linux kernel such that When cgroup.pressure is disabled, it releases PSI triggers via cgroupfilerelease, Frees of-priv through kernfsdrainopenfiles leading to damage to the availability and integrity of the system...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1223)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1223 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow CVE-2025-39877 In the Linux kernel, the following vulnerability has been...

EUVD-2025-34233

An improper authentication vulnerability CWE-287 in Fortinet FortiAnalyzer version 7.6.0 through 7.6.3 and before 7.4.6 allows an unauthenticated attacker to obtain information pertaining to the device's health and status, or cause a denial of service via crafted OFTP requests...

Fortinet FortiAnalyzer 授权问题漏洞

FortiAnalyzer is Fortinet's centralized security analysis and reporting platform. A security vulnerability exists in FortiAnalyzer that stems from a flaw in the authentication mechanism for OFTP requests. An attacker can exploit this vulnerability to obtain device operational status information o...

EUVD-2002-1113

Malware in sbrugna...

EUVD-2000-0377

Malware in sbrugna...

CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configurable JWT Secret and File-Type Validation to Unauthenticated Remote Code Execution

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreaphandleimage Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachment...

kernfs: Fix UAF in polling when open file is released

...

CVE-2025-39881

In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in psitriggerpoll+0x3c/0x140 Read...

AZL-67637 CVE-2025-39881 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in psitriggerpoll+0x3c/0x140 Read...

CVE-2025-39881

In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in psitriggerpoll+0x3c/0x140 Read...

CVE-2025-39881 kernfs: Fix UAF in polling when open file is released

In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in psitriggerpoll+0x3c/0x140 Read...

DEBIAN-CVE-2025-38698

In the Linux kernel, the following vulnerability has been resolved: jfs: Regular file corruption check The reproducer builds a corrupted file on disk with a negative isize value. Add a check when opening this file to avoid subsequent operation failures...

AZL-66821 CVE-2025-38698 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: jfs: Regular file corruption check The reproducer builds a corrupted file on disk with a negative isize value. Add a check when opening this file to avoid subsequent operation failures...