PT-2026-34990

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc input packet on conn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpc try get cal...

PT-2026-34991

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpc alloc client call, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the Irdma driver waiting for the QP reference count to zero during network reset operations,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from premature device reference release in the xfrm module, potentially leading to race conditions...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of return statements in the nfcllcprecvhdlc and nfcllcprecvdisc functions after the...

PT-2026-34857

The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the dex bccf admin int calendar list.inc.php file due to missing validation on a user controlled key. This makes it possible for authenticated...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a underflow in the reference counting mechanism used in intelengineparkheartbeat. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rxrpcallocclientcall function acquiring key references without releasing them when the call i...

PT-2026-35030

Name of the Vulnerable Software and Affected Versions LiquidJS versions prior to 10.25.7 Description A circular block reference within % layout % and % block % tags can trigger an infinite recursive loop. This occurs in the getBlockRender function within src/tags/block.ts during OUTPUT mode; when...

PT-2026-35009

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the batman-adv module, the function batadv bla add claim can replace claim-backbone gw and drop the last reference of the old gateway while readers are still following the pointer. Th...

PT-2026-34986

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the rxrpc server keyring function. This issue occurs because the system fails to check if rx-securities is already set before proceeding. Recommendations...

PT-2026-34907

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the futex subsystem where the futex lock pi retry path fails to clear a stale exiting pointer. When futex lock pi atomic detects that an owner is exiting, it returns...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a reference counting issue in the batman-adv module. This vulnerability may lead to reuse of resources...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the wifi rtw88 driver failing to release the USB device reference when detection fails, resulting...

PT-2026-34956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak exists in the rtw88 wifi driver. The driver takes a reference to the USB device during the probe process but fails to release it when certain probe errors occur, such as...

PT-2026-35015

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free issue exists in the xfrm component of the Linux kernel. After asynchronous crypto completes, the xfrm input resume function calls dev put immediately upon re-entry befor...

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

ALPINE-CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

CVE-2026-6732

CVE-2026-6732 affects libxml2 and is triggered when parsing an XSD-validated document that contains an internal entity reference, causing a type confusion error and a DoS via crashes. The vulnerability is tied to how libxml2 processes crafted XML Schema Definition inputs, with the impact describe...