Cesanta Mongoose Web Server 安全漏洞

Cesanta Mongoose Web Server is an embedded server and network library developed in C language by the Irish company Cesanta. Version 6.9 of Cesanta Mongoose Web Server contains a security vulnerability. This vulnerability arises from the possibility that establishing multiple socket connections ma...

RockyLinux 9 : kernel (RLSA-2026:3488)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3488 advisory. kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr...

Acronis Cyber Protect和Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect and Acronis Cyber Protect Cloud Agent are both products of Swiss company Acronis. Acronis Cyber Protect is an integrated network protection solution for businesses and enterprises. It combines features such as backup, anti-malware, network security, and endpoint management...

CVE-2026-28727

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124, Acronis True Image macOS before build 42902...

CVE-2026-28727

CVE-2026-28727 : Local privilege escalation caused by insecure Unix socket permissions. Affected on macOS: Acronis Cyber Protect 17 before build 41186 and Acronis Cyber Protect Cloud Agent before build 41124. The CVSS vector indicates LOCAL access, low privileges required, no user interaction, wi...

CVE-2026-28727

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124, Acronis True Image macOS before build 42902...

CVE-2026-28458

OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay extension must be installed and enabled /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopback and access sensitive data. Attackers can exploit...

CVE-2026-28472

OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity or pairing by exploiting t...

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

PT-2026-23601

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005637 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005651 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiexhandleuaprxforward', always...

CVE-2026-20052

CVE-2026-20052 affects Cisco Secure Firewall Threat Defense (FTD) when Snort 3 Detection Engine handles SSL packet inspection. A logic error in memory management could be triggered by an unauthenticated remote attacker sending crafted SSL packets over the network, potentially causing the Snort 3 ...

CVE-2026-20052 Cisco Secure Firewall Threat Defense Software Snort 3 Memory Management Denial of Service Vulnerability

A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a logic error in memory management...

CVE-2026-20005

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete parsing of the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005457)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005457 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005627 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leak...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005806 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendms...