
4559 matches found

Nuclei | added 17 hours ago | 21 views

Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)

Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by an unsanitized target parameter in /probe, letting attackers perform SSRF attacks. Exploitation requires sending a crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...

CVSS 5.8 | AI score 6.2 | EPSS 0.02698
Exploits: 1 | References: 4
NVD | added yesterday | 5 views

CVE-2026-9083

A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...

CVSS 4.9
Exploits: 0 | References: 6
RedhatCVE | added yesterday | 4 views

CVE-2026-9083

A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...

CVSS 4.9 | AI score 5.9
Exploits: 0 | References: 3
EUVD | added yesterday | 3 views

EUVD-2026-39341

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

AI score 5.7 | EPSS 0.00172
Exploits: 0 | References: 8
EUVD | added yesterday | 6 views

EUVD-2026-39212

In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devl_unregister(), which calls devlink_rel_put(). This misses devlink instances that get a nested relation before registration and then fa...

AI score 5.7 | EPSS 0.00163
Exploits: 0 | References: 4
CVE | added yesterday | 4 views

CVE-2026-53261

CVE-2026-53261 (Linux kernel devlink): A nested devlink relation may leak if a child is linked before registration and probe fails; devl_unregister() does not run, so devlink->rel isn’t released. The fix releases any pending relation from devlink_free(), leaving the registered path unchanged b...

AI score 5.7 | EPSS 0.00163
Exploits: 0 | References: 4
EUVD | added yesterday | 3 views

EUVD-2026-39323

In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfp_bus_del_upstream() in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...

AI score 5.7 | EPSS 0.00156
Exploits: 0 | References: 1
CVE | added yesterday | 5 views

CVE-2026-53232

In the Linux kernel, this CVE covers a fix in net: phy: clean the sfp upstream if phy probing fails. Sashiko noted that sfp_bus_del_upstream() was not invoked on probe failure, leaving the sfp-bus with a dangling upstream field that could be used later during SFP events. The issue predates the ge...

AI score 5.7 | EPSS 0.00156
Exploits: 0 | References: 1
EUVD | added yesterday | 4 views

EUVD-2026-39322

In the Linux kernel, the following vulnerability has been resolved: net: phy: don't try to setup PHY-driven SFP cages when using genphy We don't have support for PHY-driver SFP cages with the genphy code. On top of that, it was found by sashiko that running sfp_bus_add_upstream() for genphy deadlocks,...

AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 2
EUVD | added yesterday | 4 views

EUVD-2026-39295

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsu_send_msg() timeout in probe rsu_send_msg() can return -ETIMEDOUT when wait_for_completion_interruptible_timeout() fires while the SMC call is still pending. In stratix10_rsu_probe(), the error paths f...

AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 2
CVE | added yesterday | 5 views

CVE-2026-53204

The CVE-2026-53204 issue concerns the Linux kernel firmware component for Stratix10 RSU. A NULL pointer dereference could occur if rsu_send_msg() times out during probe and subsequent error cleanup would still queue messages on a cleared channel. The fix adds proper cleanup: remove the async clie...

AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 2
Debian CVE | added yesterday | 3 views

CVE-2026-53204

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsu_send_msg() timeout in probe rsu_send_msg() can return -ETIMEDOUT when wait_for_completion_interruptible_timeout() fires while the SMC call is still pending. In stratix10_rsu_probe(), the error paths f...

AI score 5.7 | EPSS 0.00155
Exploits: 0
EUVD | added yesterday | 3 views

EUVD-2026-39233

In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe->info.probe_display. It gets set to false if there's no display aft...

AI score 5.8 | EPSS 0.00166
Exploits: 0 | References: 3
CVE | added yesterday | 5 views

CVE-2026-53142

CVE-2026-53142 affects the Linux kernel’s drm/xe/display path. The xe driver tracks whether to probe display via xe->info.probe_display, which can be set to false after intel_display_device_probe() if no display is present or later disabled by fuses. In that state, xe_display_flush_cleanup_wor...

AI score 5.8 | EPSS 0.00166
Exploits: 0 | References: 3
RedhatCVE | added yesterday | 9 views

CVE-2026-53095

A flaw was found in the Linux kernel. This vulnerability allows for the abuse of the kprobe_write_ctx mechanism through freplace in Berkeley Packet Filter (BPF) kprobe programs. A local attacker could exploit this by attaching a freplace program to a kprobe program that is attached to a kernel...

CVSS 6.4 | AI score 5.8 | EPSS 0.00166
Exploits: 0 | References: 4
EUVD | added 2 days ago | 4 views

EUVD-2026-38860

In the Linux kernel, the following vulnerability has been resolved: fs/adfs: validate nzones in adfs_validate_bblk() Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When nzones is 0, adfs_read_map() passes it to kmalloc_array(0, ...) which return...

AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 9
EUVD | added 2 days ago | 4 views

EUVD-2026-38987

In the Linux kernel, the following vulnerability has been resolved: platform/wmi: use generic driver_override infrastructure When a driver is probed through driver_attach(), the bus' match callback is called without the device lock held, thus accessing the driver_override field without a lock, which c...

AI score 5.7 | EPSS 0.00157
Exploits: 0 | References: 4
EUVD | added 2 days ago | 3 views

EUVD-2026-38909

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...

AI score 6 | EPSS 0.00176
Exploits: 0 | References: 8
CVE | added 2 days ago | 5 views

CVE-2026-52992

CVE-2026-52992 concerns the Linux kernel ADFS boot-block validation. The vulnerability arises in fs/adfs when nzones is 0: adfs_read_map() passes 0 to kmalloc_array, returning ZERO_SIZE_PTR, and adfs_map_layout() then writes to dm[-1], causing an out-of-bounds write before the allocated buffer. T...

AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 8
AstraLinux | added 2026/06/19 11:10 a.m. | 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: Fixed NULL dereferencing in asoc_qcom_lpass_cpu_platform_probe(). The devm_kzalloc() function in asoc_qcom_lpass_cpu_platform_probe() might potentially return a NULL pointer. NULL pointer dereferencing could occur without any...

CVSS 5.5 | AI score 6.5 | EPSS 0.00235
Exploits: 0 | References: 2