CVE-2026-54278 vulnerabilities

Vulnerabilities for packages: authentik-fips, metaflow-service-fips, tritonserver-backend-vllm-cuda-13.0, py3-vllm-cuda-12.4, text-generation-inference, mlflow-fips, request-1276, mlflow, authentik...

CVE-2026-54276 vulnerabilities

Vulnerabilities for packages: authentik-fips, metaflow-service-fips, tritonserver-backend-vllm-cuda-13.0, py3-vllm-cuda-12.4, text-generation-inference, mlflow-fips, request-1276, mlflow, authentik...

CVE-2026-54277 vulnerabilities

Vulnerabilities for packages: authentik-fips, metaflow-service-fips, tritonserver-backend-vllm-cuda-13.0, py3-vllm-cuda-12.4, text-generation-inference, mlflow-fips, request-1276, mlflow, authentik...

CVE-2026-54275 vulnerabilities

Vulnerabilities for packages: authentik-fips, metaflow-service-fips, tritonserver-backend-vllm-cuda-13.0, py3-vllm-cuda-12.4, text-generation-inference, mlflow-fips, request-1276, mlflow, authentik...

CVE-2026-54274 vulnerabilities

Vulnerabilities for packages: authentik-fips, metaflow-service-fips, tritonserver-backend-vllm-cuda-13.0, py3-vllm-cuda-12.4, text-generation-inference, mlflow-fips, request-1276, mlflow, authentik...

CVE-2026-54273 vulnerabilities

Vulnerabilities for packages: authentik-fips, metaflow-service-fips, tritonserver-backend-vllm-cuda-13.0, py3-vllm-cuda-12.4, text-generation-inference, mlflow-fips, request-1276, mlflow, authentik...

CVE-2026-0156

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0144

In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0127

In NrmmMsgCodec::DecodeUPUTransparentContext of cnNrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed. User interaction is not needed fo...

Denial Of Service (DoS)

markdown-it is vulnerable to Denial of Service DoS. The vulnerability is due to quadratic-time processing in the smartquotes rule when typographer: true is enabled, which allows an attacker to supply specially crafted markdown containing consecutive quotation marks and consume excessive CPU...

kernel: netfilter: flowtable: strictly check for maximum number of actions

A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs because the system does not strictly check the maximum number of hardware offload actions for IPv6, allowing it to process more actions than supported. This could potentially lead to system...

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result

A flaw was found in the Linux kernel's Wi-Fi mac80211 subsystem. The ieee80211invokefastrx function uses a static variable for rxresult, which is shared across concurrent calls. This can lead to incorrect processing of Wi-Fi packets, where a packet might be mishandled or its status incorrectly...

kernel: xen/privcmd: fix double free via VMA splitting

A flaw was found in the Linux kernel's xen/privcmd module. A local user could exploit this by performing a partial unmapping of a privcmd memory region. This action causes a Virtual Memory Area VMA to split, leading to duplicated internal memory pointers. As a result, the same memory can be freed...

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

CVE-2026-0156

The CVE-2026-0156 entry concerns a memory safety issue in checkSsrcCollisionOnRcv of RtpSession.cpp due to a missing null check. This vulnerability could allow remote denial of service without requiring privileges, and does not require user interaction to exploit. Connected documents (CVE/CVELIST...

CVE-2026-0144

In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0144

The CVE-2026-0144 issue is described as a memory safety flaw in writeAocCommand of AocAudioCodec.cpp caused by a missing bounds check, potentially enabling remote denial of service without user interaction. Exploitation details, affected products/versions, and remediation are not provided in the ...

CVE-2026-0136

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...