SUSE CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

Astra Linux - уязвимость в linux

A heap out-of-bounds write that affects Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This vulnerability allows an attacker to gain privileges or cause a Denial-of-Service attack through heap memory corruption by manipulating the user name space...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: Make sure that the caller has CAPSYSADMIN in the correct user namespaces. What we want to ensure is that clone will not expose something hidden by a mount that we wouldn’t be able to undo. “ wouldn’t be able to...

Astra Linux - уязвимость в firejail

A privilege context switching issue was discovered in the join.c file of Firejail 0.9.68. By creating a fake Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment where the Linux user namespace remains the initial user...

Astra Linux - уязвимость в docker.io

In Docker versions prior to 9.03.15 and 20.10.3, there is a vulnerability related to the --userns-remap option. This option allows access to the remapped root directory, enabling privilege escalation to the actual root directory. When using --userns-remap, if the root user in the remapped namespa...

BIT-GITLAB-2026-4527 Cross-Site Request Forgery (CSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a specially crafted link due...

CVE-2026-45781 MCP Registry: OCI ownership validation fails open on upstream rate limits, allowing attacker-controlled package claims

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.9, OCI ownership validation skips label-match check when upstream OCI registry returns HTTP 429, letting any authenticated publisher bind their io.github./ namespace to OCI images the...

Exploit for CVE-2026-46300

Security Research & Legal Disclaimer This repository is for educ...

CVE-2026-4527 Cross-Site Request Forgery (CSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a specially crafted link due...

PT-2026-40867

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.10 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Missing Cross-Site Request Forgery CSRF protection—a flaw where an attacker tricks a victim into...

Astra Linux - уязвимость в shadow

A vulnerability was discovered in Shadow 4.5. The newgidmap function part of shadow-utils is setuid, allowing an unprivileged user to be placed in a user namespace where setgroups2 is allowed. This enables an attacker to remove themselves from a supplementary group, potentially granting them acce...

CVE-2026-31692

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlinknscapable check for peer netns rtnlnewlink lacks a CAPNETADMIN capability check on the peer network namespace when creating paired devices veth, vxcan, netkit. This allows an unprivileged user with a...

MiracleLinux 9 : pam-1.5.1-19.el9 (AXSA:2024-7776:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7776:01 advisory. pam: allowing unprivileged user to block another user namespace CVE-2024-22365 Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001063 advisory. The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000806 advisory. The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001499)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001499 advisory. A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000736 advisory. fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000837)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000837 advisory. fs/namespace.c in the Linux kernel before 4.0.2 processes MNTDETACH umount2 system calls without verifying that the MNTLOCKED flag is unset, which allows local users...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002088)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002088 advisory. The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003140 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces...