6094 matches found
CVE-2026-23256
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup. In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skips the failing index i, causing a...
CVE-2026-23253
In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen. dvb_dvr_open() calls dvb_ringbuffer_init() when a new reader opens the DVR device. dvb_ringbuffer_init() calls init_waitqueue_head(), which reinitializes the waitqueue list head...
CVE-2026-23252
In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchk_xfile_*_descr calls. The xchk_xfile_*_descr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...
MAL-2026-1671 Malicious code in chai-as-resolved (npm)
Source: amazon-inspector 6f68c4df2837821306981ccb732721f9d6a1be9a7f096d6adc0ea53cd922bfe6. The package chai-as-resolved was found to contain malicious code...
Advisory ROSA-SA-2026-3213
Software: libmicrohttpd 0.9.77 OS: ROSA-CHROME unaffected versions = libmicrohttpd-0.9.77-1 affected versions libmicrohttpd-0.9.77-1 CVE-ID: CVE-2025-59777 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dereferencing the NULL pointer in GNU libmicrohttpd allows a remote attacker to cause a denial of...
python3.11 security update
3.11.13-5.1.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143104 RHEL-143167 RHEL-144890...
CVE-2026-23239
In the Linux kernel, the following vulnerability has been resolved: espintcp: Fix race condition in espintcp_close(). This issue was discovered during a code audit. After cancel_work_sync() is called from espintcp_close(), espintcp_tx_work() can still be scheduled from paths such as the Delayed ACK handler or...
CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput() in fremovexattr error path. In the Linux kernel, the fremovexattr() syscall calls fdget() to acquire a file reference but returns early without calling fdput() when strncpy_from_user() fails on the name argument. In...
CVE-2025-38729 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-38729 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-39702 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-39702 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-39873 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-39873 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-39787 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-39787 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-26327 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning
OpenClaw is a personal AI assistant. Discovery beacons (Bonjour/mDNS and DNS-SD) include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs...
PT-2026-20370
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.14. Description: OpenClaw is a personal AI assistant that utilizes discovery beacons (Bonjour/mDNS and DNS-SD) which include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. These TXT...
Advisory ROSA-SA-2026-3180
Software: perl 5.26.3 OS: ROSA Virtualization 3.0 unaffected versions = perl-5.26.3-423.rv30 affected versions perl-5.26.3-423.rv30 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an...
Advisory ROSA-SA-2026-3162
Software: sqlite 3.26.0 OS: ROSA Virtualization 3.1 unaffected versions = sqlite-3.26.0-20.rv31 affected versions sqlite-3.26.0-20.rv31 CVE-ID: CVE-2025-6965 BDU-ID: 2025-08786 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Aggregate Term Handler component of the SQLite database management syst...
Advisory ROSA-SA-2026-3159
Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pam_namespace module of the Linux-PAM authentication module is caused by a...
Advisory ROSA-SA-2026-3135
Software: git 2.43.5 OS: ROSA Virtualization 2.1 unaffected versions = git-2.43.5-3.rv3 affected versions git-2.43.5-3.rv3 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path na...
mlflow Creates of Temporary File in Directory with Insecure Permissions
In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions 0o777. This vulnerability allows an attacker with write access to the /tmp directory to exploit a race condition and overwrite .py files in the virtual...