157559 matches found
CVE-2026-46327
In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dm_suspended_md The function dm_blk_report_zones tests if the device is suspended with the "dm_suspended_md" call. However, this function is called without holding any locks, so the device may be suspended just...
CVE-2026-46326
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure that the spi_transfer struct is zeroed out before use...
CVE-2026-46325
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE The current implementation incorrectly handles memory regions (MRs) with page sizes different from the system PAGE_SIZE. The core issue is that rxe_set_page is called...
CVE-2026-46324
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use list_del_rcu for netlink hooks nft_netdev_unregister_hooks and nft_unregister_flowtable_net_hooks need to use list_del_rcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...
CVE-2026-46323
In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFL_MANAGED_FRAG_REFS flag. When SKBFL_MANAGED_FRAG_REFS is set, the...
CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one When build_skb fails in tun_xdp_one, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhost_net_build_xdp allocated for the frame. ...
CVE-2026-46321
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one tun_xdp_one returns -EINVAL on a frame shorter than ETH_HLEN without freeing the page that vhost_net_build_xdp allocated for it. tun_sendmsg discards that -EINVAL and still returns...
CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp tap_get_user_xdp rejects a frame shorter than ETH_HLEN with -EINVAL, and returns -ENOMEM when build_skb fails. Both paths jump to the err label without freeing the page that...
CVE-2026-46319
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: Only release RCU read lock after ct_ft When looking up a flow table in act_ct in tcf_ct_flow_table_get, rhashtable_lookup_fast internally opens and closes an RCU read critical section before returning ct_ft. The...
path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of...
golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...
cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API
A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...
firefox: thunderbird: Use-after-free in the DOM: Networking component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Networking component...
CVE-2026-44249 vulnerabilities
Vulnerabilities for packages: selenium, apache-nifi, keycloak, spark, cassandra-reaper, strimzi-kafka-operator, infinispan, apache-activemq-artemis, neo4j, cassandra, zookeeper, wavefront-proxy, wildfly, kserve-modelmesh, apache-nifi-registry, druid, apicurio-registry, akhq,...
GHSA-2R75-CXRJ-CMPH vulnerabilities
Vulnerabilities for packages: zed...
CVE-2026-47261 vulnerabilities
Vulnerabilities for packages: zed...
GHSA-X4GW-5CX5-PGMH vulnerabilities
Vulnerabilities for packages: selenium, apache-nifi, keycloak, spark, cassandra-reaper, strimzi-kafka-operator, infinispan, apache-activemq-artemis, neo4j, cassandra, zookeeper, wavefront-proxy, wildfly, kserve-modelmesh, apache-nifi-registry, druid, apicurio-registry, akhq,...
CVE-2026-45416 vulnerabilities
Vulnerabilities for packages: selenium, apache-nifi, keycloak, spark, cassandra-reaper, strimzi-kafka-operator, infinispan, apache-activemq-artemis, neo4j, cassandra, zookeeper, wavefront-proxy, wildfly, kserve-modelmesh, apache-nifi-registry, druid, apicurio-registry, akhq,...
GHSA-3QP7-7MW8-WX86 vulnerabilities
Vulnerabilities for packages: selenium, apache-nifi, keycloak, spark, cassandra-reaper, strimzi-kafka-operator, infinispan, apache-activemq-artemis, neo4j, cassandra, zookeeper, wavefront-proxy, wildfly, kserve-modelmesh, apache-nifi-registry, druid, apicurio-registry, akhq,...