EUVD-2026-33726

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

PT-2026-45491

Summary Vitest browser mode served / vitest test / with the otelCarrier query parameter inserted directly into an inline module script. Because this value was treated as JavaScript source rather than data, an attacker could craft a browser-runner URL that executes arbitrary JavaScript in the Vite...

CVE-2026-6406 Docker Desktop Enhanced Container Isolation bypass via --use-api-socket CLI flag

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

EUVD-2026-31484

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: iscsi: iscsitcp: Fixed a NULL pointer derefrence issue when calling getpeername. A crash due to a NULL pointer occurred when freeing a socket at the same time as accessing it via sysfs. The problem is as follows: 1...

SUSE CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

EUVD-2026-25566

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

CVE-2026-42095

CVE-2026-42095 affects bookserver in KDE Arianna up to version 26.04.0 (pre-26.04.1). Affected component allows an attacker with local access to read arbitrary files by guessing a URL over a socket connection, as described in the vulnerability description. Root cause: insufficient access control ...

PT-2026-34879

Name of the Vulnerable Software and Affected Versions bookserver in KDE Arianna versions prior to 26.04.1 Description An issue in bookserver allows attackers to read files over a socket connection by guessing a URL. Recommendations Update to version 26.04.1...

JLSEC-2026-64

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host...

K000160680: Node.js vulnerability CVE-2026-21636

Security Advisory Description A flaw in Node.js's permission model allows Unix Domain Socket UDS connections to bypass network restrictions when --permission is enabled. Even without --allow-net, attacker-controlled inputs such as URLs or socketPath options can connect to arbitrary local sockets...

📄 usbmuxd 1.1.1-1 Path Traversal / Arbitrary File Write

A path traversal vulnerability exists in usbmuxd, a system daemon responsible for multiplexing USB connections to mobile devices. Due to insufficient validation and sanitization of file path inputs processed through its message-handling interface, a local attacker with access to the usbmuxd UNIX...

SUSE-SU-2026:0186-1 Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. - CVE-2022-50409: net: If sock is dead don't access sock's skwq i...

MiracleLinux 9 : samba-4.18.6-101.el9.ML.1 (AXSA:2023-6897:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6897:12 advisory. samba: smbd allows client access to unix domain sockets on the file system as root CVE-2023-3961 samba: SMB clients can truncate files with read-onl...

EUVD-2026-2702

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

[SECURITY] Fedora 43 Update: golang-github-googlecloudplatform-cloudsql-proxy-1.31.2-11.fc43

The Cloud SQL Proxy allows a user with the appropriate permissions to connect to a Second Generation Cloud SQL database without having to deal with IP whitelisting or SSL certificates manually. It works by opening unix/tcp sockets on the local machine and proxying connections to the associated...

UBUNTU-CVE-2025-59529

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the serverwork function. An attacker can exhaust system memory and file descriptors even when CLIENTSMAX is defined by establishing numerous local connections, leading to increased...

TencentOS Server 3: virt:rhel and virt-devel:rhel (TSSA-2022:0119)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0119 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...