GHSA-HM8Q-7F3Q-5F36 Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()

Summary Improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This issue is not exploitable by an anonymous attacker; it only manifests when a malformed claim value reaches...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-016790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016790 advisory. An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. FilteredRelation is subject to SQL injection in column aliases via control...

CVE-2026-43429

A flaw was found in the Linux kernel's usbtmc driver. A local user can exploit this vulnerability by providing arbitrarily long timeout values through an ioctl command. This can cause the kernel thread to hang indefinitely, leading to a Denial of Service DoS condition. Mitigation To mitigate this...

CVE-2026-41885

CVE-2026-41885 affects i18next-locize-backend prior to version 9.0.2. The issue arises when the backend interpolates values (lng, ns, projectId, version) directly into URL templates (loadPath/privatePath/addPath/updatePath/getLanguagesPath) without encoding or validation, enabling user-controlled...

CVE-2026-41885 Path traversal / URL injection via unsanitised lng/ns/projectId/version in i18next-locize-backend

i18next-locize-backend is a simple i18next backend for locize.com which can be used in Node.js, in the browser and for Deno. Prior to version 9.0.2, i18next-locize-backend interpolates lng, ns, projectId, and version directly into the configured loadPath / privatePath / addPath / updatePath /...

CVE-2026-41885 Path traversal / URL injection via unsanitised lng/ns/projectId/version in i18next-locize-backend

i18next-locize-backend is a simple i18next backend for locize.com which can be used in Node.js, in the browser and for Deno. Prior to version 9.0.2, i18next-locize-backend interpolates lng, ns, projectId, and version directly into the configured loadPath / privatePath / addPath / updatePath /...

CVE-2026-42353

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware passes the user-controlled lng and ns values from getResourcesHandler directly into...

CVE-2026-41583 ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed to validate a consensus rule that restricted the possible values of sighash hash types for V5 transactions which were enabled in the NU5 network...

CVE-2026-41570 PHPUnit: Argument injection via newline in PHP INI values forwarded to child processes

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

CVE-2026-41570

PHPUnit versions 12.5.21 and 13.1.5 forward PHP INI settings to child processes as -d name=value without neutralizing metacharacters, allowing newline-based directive injection. This can lead to remote code execution via auto_prepend_file in the child process. Patches are available in PHPUnit 12....

CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

CVE-2026-41570 PHPUnit: Argument injection via newline in PHP INI values forwarded to child processes

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

CVE-2026-43437

CVE-2026-43437 affects the Linux kernel ALSA PCM subsystem (snd_pcm_drain). The issue is a use-after-free in the drain path: during drain, runtime is reassigned to a linked stream’s runtime and after releasing the stream lock, runtime fields (no_period_wakeup, rate, buffer_size) are accessed with...

CVE-2026-43405

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapdecode This patch fixes unnecessary implicit conversions that change signedness of bloblen and nummon in cephmonmapdecode. Currently bloblen and nummon are signed int variable...

CVE-2026-43303

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare Several subsystems slub, shmem, ttm, etc. use page-private but don't clear it before freeing pages. When these pages are later allocated as high-order pages and split via...

CVE-2026-37540

A flaw was found in OpenAMP. An integer overflow vulnerability exists in the ELF loader's firmware image parsing, specifically within elfloader.c. This flaw occurs when multiplying two attacker-controlled 16-bit values from the ELF header without proper overflow checking. On 32-bit embedded...

SUSE CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the freepagesprepare function not clearing the page-private field. This may result in the retenti...

i18next-http-middleware 路径遍历漏洞

i18next-http-middleware is an open-source HTTP internationalization middleware for Node.js and Deno by i18next. Versions of i18next-http-middleware prior to version 3.9.3 contained a path traversal vulnerability. This vulnerability stemmed from the lack of cleaning user-controlled lng and ns...