CVE-2026-0029

In pkvminitvm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-47378

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

CVE-2025-47378 Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

CVE-2025-47378

CVE-2025-47378 is described as a cryptographic issue where a shared VM reference allows HLOS to boot the loader and access the certificate chain. Connected sources corroborate a cryptographic exposure affecting HLOS/boot chain components and reference related advisories from Red Hat and NCSC; how...

EUVD-2025-208187

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

CVE-2025-47378 Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

filecoin-audit-kit

Filecoin Security Devnet Spin up a local Filecoin network for...

PT-2026-22643

Name of the Vulnerable Software and Affected Versions versions prior to 2025-47378 Description A cryptographic issue exists when a shared VM reference allows HLOS to access the boot loader and certificate chain. This could potentially compromise the system's security. Recommendations At the momen...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005415 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of...

GHSA-HX9W-F2W9-9G96 hex_core has Unsafe Deserialization of Erlang Terms

Impact The Hex client hexcore deserializes Erlang terms received from the Hex API using binarytoterm/1 without sufficient restrictions. If an attacker can control the HTTP response body returned by the Hex API, this allows denial-of-service attacks such as atom table exhaustion, leading to a VM...

CVE-2026-22717

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...

CVE-2023-31364

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine VM to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service...

CVE-2023-31364

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine VM to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service...

CVE-2023-31364

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine VM to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service...

EUVD-2023-35675

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine VM to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service...

CVE-2026-27597

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by @enclave-vm/core, which can be used to achieve remote code execution RCE. The issue has been fixed in version 2.11.1...

PT-2026-22189

Name of the Vulnerable Software and Affected Versions versions affected versions not specified Description A flaw exists due to improper handling of direct memory writes in the input-output memory management unit. A malicious guest virtual machine VM could potentially overwhelm the host with writ...

@enclave-vm/broker (>=2.10.0 <=2.10.1), @enclave-vm/core (>=2.10.0 <=2.10.1) +1 more potentially affected by CVE-2026-27597 via @enclave-vm/ast (>=2.10.0 <=2.10.1)

@enclave-vm/ast NPM version =2.10.0, =2.10.0, =2.10.0, =2.10.0, =2.10.1 Source cves: CVE-2026-27597 Source advisory: SNYK:JS-ENCLAVEVMAST-15366962...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments

Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a...

CVE-2026-2664

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...