CVE-2026-31760

The CVE-2026-31760 issue affects the Linux kernel GPIB gpib: lpvo_usb driver, where the driver incorrectly retains references to USB devices during GPIB attach, causing a memory leak on disconnect. The root cause is not releasing those references after attaching, leading to resource retention. Th...

CVE-2026-31732 gpio: Fix resource leaks on errors in gpiochip_add_data_with_key()

In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochipadddatawithkey Since commit aab5c6f20023 "gpio: set device type for GPIO chips", gdev-dev.release is unset. As a result, the reference count to gdev-dev isn't dropped on the error...

CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

CVE-2026-31701

In CVE-2026-31701, the Linux kernel ALSA caiaq driver (USB audio) stored a pointer to the parent usb_device without a reference. The snd_usb_caiaq_card_free() path can run after the USB device is disconnected, dereferencing freed memory (use-after-free). The fix is to take a reference on the USB ...

CVE-2026-31701

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...

CVE-2026-31701 ALSA: caiaq: take a reference on the USB device in create_card()

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...

Apache Neethi doesn't impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the PolicyReference API when fetching remote policy references. An attacker can access internal resources or arbitrary protocols by supplying a crafted URI. Remediation Upgrade org.apache.neethi:neet...

CVE-2026-42404

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

CVE-2026-42404 Apache Neethi: Unrestricted HTTP Redirect Following in Policy References

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

CVE-2026-42404 Apache Neethi: Unrestricted HTTP Redirect Following in Policy References

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

ECHO-854E-87BE-FE66

Bulletin has no description...

CVE-2026-42403 Apache Neethi: Circular Policy Reference Infinite Loop

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

PT-2026-36504

Content removed...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of reference counts during error handling paths. This issue may lead to resourc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the mshvregionpin function pinuserpagesfast returning a short pin count that is not handled correctly, leading to memory corruption...

PT-2026-36367

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Resource leaks occur in the gpiochip add data with key function. Due to gdev-dev.release being unset, the reference count to gdev-dev is not dropped during error handling paths...

PT-2026-36395

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the lpvo usb driver within the GPIB subsystem. During the GPIB attach process, the driver iterates through registered USB interfaces and acquires references to US...

WordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.7.25 - Authenticated (Vendor+) Insecure Direct Object Reference to Arbitrary User Deletion vulnerability

Authenticated Vendor+ Insecure Direct Object Reference to Arbitrary User Deletion vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin WCFM – Frontend Manager for WooCommerce versions = 6.7.25...

PT-2026-36331

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The caiaq driver in the ALSA subsystem stores a pointer to the parent USB device in cdev-chip.dev without taking a reference to it. This leads to a use-after-free scenario where the snd...