PT-2026-20745

Server-Side Request Forgery SSRF vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through = 2.5.5...

WordPress plugin TS Poll 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

kernel: Linux kernel use-after-free in eventpoll

A flaw was found in the Linux kernel's eventpoll epoll mechanism. A local attacker could exploit a use-after-free vulnerability due to incorrect handling of the 'ep' refcount while the 'ep' mutex is still held. This can lead to memory corruption, potentially allowing the attacker to achieve...

OSV-2026-240 Use-of-uninitialized-value in packet_get1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=483928517 Crash type: Use-of-uninitialized-value Crash state: packetget1 gpsdpoll FuzzDrivers.c...

OSV-2026-226 UNKNOWN WRITE in decode_xa2_00

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482909898 Crash type: UNKNOWN WRITE Crash state: decodexa200 tsipparseinput gpsdpoll...

OSV-2026-212 UNKNOWN READ in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482617785 Crash type: UNKNOWN READ Crash state: gpsdpoll FuzzDriversStructured.c...

OSV-2026-205 UNKNOWN READ in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481932457 Crash type: UNKNOWN READ Crash state: gpsdpoll FuzzDrivers.c...

SUSE SLES16 Security Update : dpdk (SUSE-SU-2026:20218-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20218-1 advisory. Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the...

openSUSE 16 Security Update : dpdk (openSUSE-SU-2026:20148-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20148-1 advisory. Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak...

BIT-MASTODON-2026-23962 Mastodon vulnerable to Denial of Service from a single post (client/server)

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

PT-2026-6340

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

OPENSUSE-SU-2026:20148-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other issues fixed...

SUSE-SU-2026:20218-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other issues fixed...

SUSE-SU-2026:20209-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other issues fixed...

📄 WP-Polls 2.73 Cross Site Scripting

A cross site scripting vulnerability exists in WP-Polls WordPress Plugin version 2.73. This issue is older research added to the archive. WP-Polls 2.73 - Reflected Cross-site Scripting Advisory ID: RO-16-005 CVE ID: CVE-2016-10936 Severity: Medium Vendor: WordPress Product: WP-Polls Version: 2.73...

OSV-2026-167 Use-of-uninitialized-value in aivdm_analyze

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479564939 Crash type: Use-of-uninitialized-value Crash state: aivdmanalyze gpsdpoll FuzzDrivers.c...

WordPress Himer theme < 2.1.1 - Bypass Poll Voting Restrictions via CSRF vulnerability

Bypass Poll Voting Restrictions via CSRF vulnerability discovered by Sushmita Poudel in WordPress Theme Himer versions 2.1.1...

WordPress Light Poll plugin <= 1.0.0 - Polls Deletion via CSRF vulnerability

Polls Deletion via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin Light Poll versions = 1.0.0...

WordPress TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin < 2.4.0 - Admin+ SQL Injection vulnerability

WordPress TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin 2.4.0 - Admin+ SQL Injection vulnerability discovered by Chu Quoc Khanh in WordPress Plugin TS Poll versions 2.4.0...

kernel: xsk: check IFF_UP earlier in Tx path

In the Linux kernel, the following vulnerability has been resolved: xsk: check IFFUP earlier in Tx path Xsk Tx can be triggered via either sendmsg or poll syscalls. These two paths share a call to common function xskxmit which has two sanity checks within. A pseudo code example to show the two...