CVE-2026-43011

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates back through the call chain: x25queuerxframe returns 1 | v x25state3machi...

CVE-2026-43011

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates back through the call chain: x25queuerxframe returns 1 | v x25state3machi...

EUVD-2026-26610

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When allocskb fails in x25queuerxframe it calls kfreeskbskb at line 48 and returns 1 error. This error propagates back through the call chain: x25queuerxframe returns 1 | v x25state3machi...

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

Exploit for CVE-2026-31431

CVE-2026-31431 Mitigation for Deckhouse Kubernetes Platform...

EUVD-2026-26682

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

PT-2026-36487

Name of the Vulnerable Software and Affected Versions MixPHP Framework versions 2.x through 2.2.17 Description An unsafe deserialization issue exists in the sync-invoke TCP server. The server receives data from a TCP socket and passes it directly to the unserialize function within the OpisClosure...

CVE-2026-37526

CVE-2026-37526 affects AGL app-framework-binder (afb-daemon) up to v19.90.0. The issue arises in the abstract Unix socket @urn:AGL:afs:supervision:socket where the function on_supervision_call dispatches eight supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without any...

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

PT-2026-36448

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienet free tx chain sums the per-BD actual length from descriptor status into a caller-provided...

PT-2026-36440

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Bluetooth SCO component. The function sco sock connect performs checks on sk state and sk type without holding the socket lock. This allows two concurrent...

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

PT-2026-36467

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel between the lec atm close function setting priv-lecd to NULL and concurrent access to priv-lecd within the send to lecd, lec handle bridge, an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unbound UART receive buffer in the NFC pn533 driver, resulting in malicious malformed UART traffic that c...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A memory misreference vulnerability exists in the Linux kernel. The vulnerability stems from a confusion in the instruction responsible for freeing memory in the scosockconnect...

PT-2026-36428

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the net/x25 component. When alloc skb fails within the x25 queue rx frame function, the system calls kfree skbskb and returns an error. This error propagate...

EUVD-2025-209596

CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. Fixed in 2026.2.2...

CLSA-2026-1777566732 Fix CVE(s): CVE-2018-10841

SECURITY UPDATE: privilege escalation on glusterd nodes via the CLI RPC program being exposed on the TCP listener when management-plane SSL is enabled, allowing a TLS-authenticated client outside the trusted storage pool to issue privileged volume-management commands via gluster --remote-host -...

Exploit for CVE-2026-31431

copyFail.py — CVE Exploit Analysis Report Summary copyFa...