EUVD-2026-37909

The Webmin HTTP server miniserv.pl allows unauthenticated attackers to impersonate any user with a configured SSL client certificate by sending a forged HTTP header. A remote attacker can spoof certificate DNs and authenticate as any user. Fixed in 2.641...

CVE-2026-6733

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

EUVD-2026-37769

Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it...

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

CVE-2026-47139 vm2: NodeVM network builtin exclusions bypass via internal _http_client and _http_server

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, and dns/promises is blocked. However, Node.js also exposes...

EUVD-2026-36439

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

USN-8426-1 linux-azure-5.15, linux-azure-fips vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

USN-8426-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7795-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7795-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-8361-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8361-1 advisory. A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following...

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8098-8)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8098-8 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

Ubuntu 24.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-8350-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8350-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

Ubuntu 20.04 LTS : Linux kernel (AWS FIPS) vulnerabilities (USN-7795-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7795-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Ubuntu 24.04 LTS / 25.10 : Kea DHCP vulnerability (USN-8403-1)

The remote Ubuntu 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8403-1 advisory. Ali Norouzi discovered that Kea DHCP did not properly handle maliciously crafted messages over configured API sockets and HA listeners. A remote attacker...

Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8351-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8351-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7819-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7819-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

CVE-2026-45638

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2026-45598

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2026-34335

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...