PT-2026-43983

IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...

SAMD: A Tool for Identifying False Data Injection Scenarios in AI/ML-Enabled Medical Devices

The growing integration of artificial intelligence AI and machine learning ML in medical systems requires effective measures to address emerging security risks. One such risk is that of adversaries introducing false data through vulnerable system components during inference, causing misdiagnosis...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect conversion of physical addresses during the putfolios cleanup process in memfdluo,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the Intel VT-d driver failing to clear the Present bit before deleting PASID table entries. This...

PT-2026-44634

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A heap buffer overflow exists in ANGLE. This issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a speciall...

PT-2026-43729

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

PT-2026-43671

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arena vm close on fork arena vm open only bumps vml-mmap count but never registers the child VMA in arena-vma list. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangle...

PT-2026-44556

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in Passwords on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the u...

PT-2026-44682

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds write occurs in the GPU, which allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability, which stemmed from issues with reusing resources after they were released in Skia. This vulnerability could allow remote attackers who have...

PT-2026-44645

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in the UI component on Windows allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieve...

PT-2026-44603

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in the GPU component allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape. This is triggered through...

PT-2026-43812

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix race condition during PASID entry replacement The Intel VT-d PASID table entry is 512 bits 64 bytes. When replacing an active PASID entry e.g., during domain replacement, the current implementation calculates a ne...

PT-2026-43912

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: skip reading rdevs that are not in sync When reading bitmap pages from member disks, the code iterates through all rdevs and attempts to read from the first available one. However, it only checks for raid disk...

TeamSpeak 3 Server 资源管理错误漏洞

TeamSpeak 3 Server is a real-time voice communication server software developed by the TeamSpeak company. Versions of TeamSpeak 3 Server prior to 3.13.7 contained a resource management vulnerability. This vulnerability stemmed from the processresendqueue function in the Connection State Managemen...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions that occur during the uninstallation process under LAG errors. This vulnerability...

PT-2026-44050

A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process resend queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of CPU cache flushing before writing PASID table addresses to the PASID directory entries. Thi...

ALSA-2026:21380 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on Windows before 148.0.7778.216, there was a resource management vulnerability. This vulnerability stemmed from the XR component allowing reusing of resources after they were released. This could allow remote...