EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

CVE-2026-33446

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

CVE-2026-44499

ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, a composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to permanently halt all new block discovery on a targeted node. The attack exploits three independent...

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

CVE-2026-4480: Samba print-command %J injection PoC I...

CVE-2026-21030

Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...

EUVD-2026-34554

Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10891

Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

USN-8390-1 linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

USN-8389-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

USN-8388-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

SUSE CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

Ubuntu 26.04 LTS : Linux kernel vulnerabilities (USN-8370-1)

The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8370-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. ...

AlmaLinux 10 : samba (ALSA-2026:22963)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22963 advisory. samba: Missing access check on reparse point operations CVE-2026-1933 samba: vfsworm does not block directory modification CVE-2026-2340 samba: group...

PT-2026-46420

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the GFX component allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free is a memory corruption flaw that...

Critical: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

CVE-2026-46268

A flaw was found in the Linux kernel's PCI/P2PDMA subsystem. Specifically, a warning condition in the p2pmemallocmmap function can be triggered due to an incorrect page reference count assertion. This issue occurs when the CONFIGDEBUGVM option is enabled, leading to kernel warning messages. While...