Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001373)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001373 advisory. An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMA...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000985)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000985 advisory. Use-after-free vulnerability in the sndpcminfo function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. Tenabl...

Linux Distros Unpatched Vulnerability : CVE-2025-71130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915gemdoexecbuffer Initialize the eb.vma...

CVE-2026-20875

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

CVE-2026-20854

Use after free in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to execute code over a network...

CVE-2026-20827

Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to disclose information locally...

CVE-2026-20870 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

CVE-2026-20854 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability

...

CVE-2026-20920 Win32k Elevation of Privilege Vulnerability

...

CVE-2026-20875 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

...

CVE-2026-20827 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

...

CVE-2026-20827

CVE-2026-20827 affects the Tablet Windows User Interface (TWINUI) Subsystem, enabling local disclosure of sensitive information to an attacker with low privileges and no user interaction. The vulnerability is mapped to a local-attack vector with high confidentiality impact (C:H, I:N, A:N) and a C...

CVE-2026-20827 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

...

CVE-2026-20826

Concurrent execution using shared resource with improper synchronization 'race condition' in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to elevate privileges locally...

CVE-2026-20826 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

...

CVE-2026-20826

CVE-2026-20826 describes a race-condition in the Tablet Windows User Interface (TWINUI) Subsystem. The initial entry asserts an information disclosure/elevation of privileges vector via concurrent access to a shared resource, enabling an authorized attacker to elevate privileges locally. Microsof...

CVE-2026-20826 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

...

CVE-2025-71081

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

UBUNTU-CVE-2025-68811

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

UBUNTU-CVE-2025-68768

In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...