CVE-2026-43483

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically within the SVM Secure Virtual Machine module. This vulnerability arises from incorrect handling of CR8 write interceptions when the Advanced Virtual Interrupt Controller AVIC is activated or deactivate...

About the security content of Safari 26.5

About the security content of Safari 26.5 This document describes the security content of Safari 26.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Linux Distros Unpatched Vulnerability : CVE-2026-43265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, ...

CVE-2025-71289

A flaw was found in the Linux kernel's NTFS3 file system driver. When a file is truncated, and an error occurs during the process of setting the attribute size, the system silently ignores this error. This oversight can lead to the file's inode, which stores critical file system metadata, being...

CVE-2025-71292

A flaw was found in the Linux kernel's Journaled File System JFS. This vulnerability occurs when a directory's link count nlink reaches its maximum value and a rename operation is performed on a child directory. This can cause the link count to wrap around, leading to an nlink overflow. The...

CVE-2026-43114

A flaw was found in the Linux kernel's netfilter component. This vulnerability, located in the nftsetpipapoavx2 functionality, is caused by incorrect data processing during AVX2 matching operations. This can lead to the system incorrectly identifying or matching network data entries within...

CVE-2026-43130

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...

PT-2026-37470

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where the system relies on the pci dev is disconnected function to skip Address Translation Services ATS invalidation for safely removed...

Virtuozzo Infrastructure 7.3 Hotfix 2 (7.3.0-185)

This update provides stability fixes. Vulnerability id: VSTOR-128568 Backend initialization could fail when more than one project used the name 'admin'. Vulnerability id: VSTOR-129614 The Backup Gateway service could crash when removing an empty file. Vulnerability id: VSTOR-130137 Collecting a...

Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense

Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...

CLSA-2026-1777544655 rsync: Fix of 2 CVEs

CVE-2024-12086: prevent server from reading arbitrary client files via path traversal - CVE-2025-10158: fix invalid access to files array in sender - Add upstream stability fix RsyncProject/rsync PR 706: use-after-free in generator - Enable Amazon Linux 2 ELS...

CVE-2026-31724

A flaw was found in the Linux kernel's USB gadget Ethernet Emulation Model EEM function. This issue occurs when a USB gadget function disconnects, causing the related network device to not be properly removed. As a result, invalid links remain in the system's file system, known as dangling symbol...

CLSA-2026-1777469554 rsync: Fix of 2 CVEs

CVE-2024-12086: prevent server from reading arbitrary client files via path traversal - CVE-2025-10158: fix invalid access to files array in sender - Add upstream stability fix RsyncProject/rsync PR 706: use-after-free in generator - Enable Amazon Linux 2 ELS...

EDySec: A Deep Learning-Based Explainable Dynamic Analysis Framework for Detecting Malicious Packages in PyPI Ecosystem

The security of open-source software repositories is increasingly threatened by next-gen software supply chain attacks. These attacks include multiphase malware execution, remote access activation, and dynamic payload generation. Traditional Machine Learning ML detectors struggle to detect these...

CVE-2026-31538

A flaw was found in the Linux kernel's Server Message Block SMB direct server. A race condition exists in the logic responsible for managing receive credits. This occurs because the system's method of counting posted receive input/output recvio and granted credits is susceptible to timing issues...

SUSE CVE-2026-31673

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

CVE-2026-31673

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

CVE-2026-31550

A flaw was found in the Linux kernel's bcm2835-power component. An insufficient timeout during the ASB Advanced System Bus bridge control process, particularly under heavy system load, can prevent the V3D graphics processor from properly disabling. This can leave the V3D in an unstable state,...

EUVD-2026-25485

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't stable unless kvm-lock is held or KVM can guarantee KVMSEVINIT2 has...