WordPress TS Poll < 2.4.0 - SQL Injection

WordPress TS Poll plugin 2.4.0 contains a SQL injection caused by lack of sanitization and escaping of a parameter before using it in a SQL statement, letting attackers perform SQL injection attacks, exploit requires admin privileges. id: CVE-2024-8625 info: name: WordPress TS Poll 2.4.0 - SQL...

CVE-2026-53321

CVE-2026-53321 : In the Linux kernel, the io_uring/napi path was missing a cap on the maximum polling time when no events are found. The issue arises from napi potentially polling for longer than reasonable times, leading to task stagnation without conditional rescheduling. A fix caps the total b...

EUVD-2026-39856

In the Linux kernel, the following vulnerability has been resolved: iouring/napi: cap busypollto 10 msec Currently there's no cap on the maximum amount of time that napi is allowed to poll if no events are found, which can lead to kernel complaints on a task being stuck as there's no conditional...

EUVD-2026-38813

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

CVE-2026-52945 Revert "wireguard: device: enable threaded NAPI"

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

CVE-2026-52933

A flaw was found in the Linux kernel's iouring/poll component. A logic error exists in the iopollgetownership function due to an incorrect signed comparison. This flaw prevents the necessary slowpath from being triggered when the IOPOLLCANCELFLAG is set, potentially leading to unexpected behavior...

CVE-2026-52933

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: fix signed comparison in iopollgetownership iopollgetownership uses a signed comparison to check whether pollrefs has reached the threshold for the slowpath: if unlikelyatomicread&req-pollrefs = IOPOLLREFBIAS...

UBUNTU-CVE-2026-52933

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: fix signed comparison in iopollgetownership iopollgetownership uses a signed comparison to check whether pollrefs has reached the threshold for the slowpath: if unlikelyatomicread&req-pollrefs = IOPOLLREFBIAS...

EUVD-2026-38703

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: fix signed comparison in iopollgetownership iopollgetownership uses a signed comparison to check whether pollrefs has reached the threshold for the slowpath: if unlikelyatomicread&req-pollrefs = IOPOLLREFBIAS...

CVE-2026-52933 io_uring/poll: fix signed comparison in io_poll_get_ownership()

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: fix signed comparison in iopollgetownership iopollgetownership uses a signed comparison to check whether pollrefs has reached the threshold for the slowpath: if unlikelyatomicread&req-pollrefs = IOPOLLREFBIAS...

CVE-2026-52933

CVE-2026-52933 affects the Linux kernel’s io_uring/poll component. The root cause is a signed comparison in io_poll_get_ownership() where atomic_read(&req-&gt;poll_refs) is compared to IO_POLL_REF_BIAS; when IO_POLL_CANCEL_FLAG (BIT(31)) is set, the value becomes negative, causing the slowpath to...

CVE-2026-52933

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: fix signed comparison in iopollgetownership iopollgetownership uses a signed comparison to check whether pollrefs has reached the threshold for the slowpath: if unlikelyatomicread&req-pollrefs = IOPOLLREFBIAS...

CVE-2026-52918 Bluetooth: serialize accept_q access

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize acceptq access btsockpoll walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last reference. The unsynchronized accept queue walk has existed since th...

Linux Distros Unpatched Vulnerability : CVE-2026-52933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/poll: fix signed comparison in iopollgetownership iopollgetownership uses a signed comparison to check whether pollrefs has reached the threshold for th...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: fec: removed .ndopollcontroller to avoid deadlocks. A deadlock issue was found in the sungem driver. Please refer to the commit ac0a230f719b “eth: sungem: removed .ndopollcontroller to avoid deadlocks”. The root cause of the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed a data race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without ensuring that the other lock is held, and without checking whether its receive queue is full. In this case, we need to use...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: Fixed rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enabled threaded busypoll, bpftrace hung during startup. The output from dmesg was as follows: rcutaskswaitgp: rcutasks grace...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduced a -pollcci method For the ACPI backend of UCSI, the UCSI “registers” are merely a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the contents of t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When a poll request times out, it is removed from the poll list. However, since the request is not completed, it becomes exposed and never gets a chance to be processed. This issue is...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vmcihost: A race condition in vmcihostpoll caused by a General Protection Fault GPF has been fixed. During fuzzing, a General Protection Fault was observed in vmcihostpoll. The General Protection Fault occurred, likely due to...