OSV-2026-156 Segv on unknown address in aivdm_analyze

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478021379 Crash type: Segv on unknown address Crash state: aivdmanalyze gpsdpoll FuzzDrivers.c...

WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Jakub Herman in WordPress Plugin TS Poll versions = 2.5.5...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005075)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005075 advisory. In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndopollcontroller to avoid deadlocks Erhard reports netpoll warnings from...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in eventpoll CVE-2025-38349 kernel: drm/xe: Fix...

SUSE CVE-2025-71149

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AZL-75147 CVE-2025-71149 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...

CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71149

...

CVE-2025-71149

CVE-2025-71149 is reported in multiple advisories as a Linux kernel io_uring/poll issue. The root cause is incorrect handling of the return value from io_poll_add() during updates, which can affect completion/event signaling (CQEs) for POLL_ADD/POLL_REMOVE scenarios. Affected advisories reference...

CVE-2025-71149

Removed by vendor...

CVE-2025-71149

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71149 io_uring/poll: correctly handle io_poll_add() return value on update

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...

OESA-2026-1228 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndopollcontroller to avoid deadlocks There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b "eth: sungem:...

CVE-2026-23962

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

Linux Distros Unpatched Vulnerability : CVE-2025-71149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was...

CVE-2026-23962

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

EUVD-2026-4208

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

CVE-2026-23962 Mastodon vulnerable to Denial of Service from a single post (client/server)

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...