
13 matches found

RedhatCVE
added 2026/03/25 3:42 p.m. | 0 views

CVE-2026-23388

A flaw was found in the Linux kernel's Squashfs component. A local attacker could craft a malicious Squashfs image with a corrupted index look-up table, leading to a negative metadata block offset. This negative offset causes an out-of-bounds access when processing the image, resulting in a gener...

CVSS 6.6 | AI score 5.7 | EPSS 0.00018
Exploits 0 | References 4
Positive Technologies
added 2026/02/04 12:0 a.m. | 1 views

PT-2026-6369

Impact: Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measured boot and remote...

CVSS 8.8 | AI score 8 | EPSS 0.00028
Exploits 0 | References 8
Tenable Nessus
added 2026/01/08 12:0 a.m. | 2 views

IGEL OS < 11.0.0 Secure Boot bypass (CVE-2025-47827)

The version of IGEL OS running on the remote host is prior to version 11. It is, therefore, affected by a cryptographic signature verification vulnerability in the igel-flash-driver module. An attacker could exploit this flaw to bypass Secure Boot protections. By leveraging the improper...

CVSS 4.6 | AI score 8.6 | EPSS 0.00997
Exploits 2 | References 2
Microsoft CVE
added 2025/10/14 2:0 p.m. | 2 views

MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image. MITRE created this CVE on their behalf. The documented Windows updates...

CVSS 4.6 | AI score 6.8 | EPSS 0.00997
Exploits 2
VulnCheck KEV
added 2025/10/14 12:0 a.m. | 0 views

VulnCheck KEV: CVE-2025-47827

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...

CVSS 4.6 | AI score 7.3 | EPSS 0.00997
In wild | Exploits 2 | References 6
CISA KEV Catalog
added 2025/10/14 12:0 a.m. | 10 views

IGEL OS Use of a Key Past its Expiration Date Vulnerability

IGEL OS contains a use of a key past its expiration date vulnerability that allows for Secure Boot bypass. The igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...

CVSS 4.6 | AI score 6.9 | EPSS 0.00997
In wild | Exploits 2
Tenable Nessus
added 2025/10/14 12:0 a.m. | 5 views

KB5066873: Windows Server 2012 R2 Security Update (October 2025)

The remote Windows host is missing security update 5066873. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

CVSS 9.8 | AI score 8.3 | EPSS 0.04972
Exploits 4 | References 51
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-16999

Malicious code in bioql PyPI...

CVSS 8.4 | AI score 6.5 | EPSS 0.00997
Exploits 2 | References 3
RedhatCVE
added 2025/06/07 12:9 a.m. | 6 views

CVE-2025-47827

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...

CVSS 8.4 | AI score 7.1 | EPSS 0.00997
Exploits 2 | References 1
OSV
added 2025/06/05 2:15 p.m. | 0 views

CVE-2025-47827

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...

CVSS 4.6 | AI score 5.8 | EPSS 0.00997
Exploits 2 | References 4
CVE
added 2025/06/05 12:0 a.m. | 85 views

CVE-2025-47827

Technical details for CVE-2025-47827 are not publicly provided in the supplied documents. The initial description notes a Secure Boot bypass via igel-flash-driver, but no additional technical specifics, affected versions, or fixes are included here. Monitor for updates.

CVSS 4.6 | AI score 6.8 | EPSS 0.00997
In wild | Exploits 2 | References 4 | Affected Software 1
Cvelist
added 2025/06/05 12:0 a.m. | 9 views

CVE-2025-47827

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...

EPSS 0.00997
Exploits 2 | References 2
OSV
added 2024/03/14 12:0 a.m. | 0 views

UBUNTU-CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

CVSS 6.6 | AI score 5.8 | EPSS 0.00028
Exploits 0 | References 5