GHSA-W7PM-9G55-MXFM stigmem-node's unsigned plugin override could be enabled without a second explicit acknowledgment

Impact A single configuration flag could disable plugin signature enforcement. If an operator unintentionally carried that setting into an environment where plugin paths are writable by less-trusted users, unsigned plugin code could be loaded. Patches Patched in 0.9.0a2. Disabling plugin signatur...

stigmem-node's unsigned plugin override could be enabled without a second explicit acknowledgment

Impact A single configuration flag could disable plugin signature enforcement. If an operator unintentionally carried that setting into an environment where plugin paths are writable by less-trusted users, unsigned plugin code could be loaded. Patches Patched in 0.9.0a2. Disabling plugin signatur...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the missing initialization of the mrioc-evtackcmds array. The commit c1af985d27da “scsi: mpi3mr: Add Event acknowledgment logic” introduced an array mrioc-evtackcmds, but the initialization of its elements was...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbdiovpinrsp return error, use-after-free can happen by accessing opinfo-state and opinfoput and ksmbdfdput could called twice...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpParseOption...

Linux Distros Unpatched Vulnerability : CVE-2026-31662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even wh...

SUSE CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

PT-2026-35014

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The GRP ACK MSG handler in the tipc group proto rcv function decrements the bc ackers variable on every inbound group ACK, including duplicate ACKs from members who have already...

EUVD-2026-21214

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

UBUNTU-CVE-2026-5264

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

CVE-2026-5264

CVE-2026-5264 describes a heap buffer overflow in DTLS 1.3 ACK message processing. The vulnerability can be triggered by a remote attacker that sends a crafted DTLS 1.3 ACK message, potentially enabling high-impact outcomes as reflected by the associated CVSS metrics (NVD: AV:N/AC:L/PR:N/UI:N/S:U...

CVE-2026-5264

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source tools developed by OpenBSD in Canada, designed for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection...

CVE-2026-4247

CVE-2026-4247 affects FreeBSD TCP implementations (bases: 14.x, 15.x/releng) where, when a challenge ACK should be sent, tcp_respond() consumes the mbuf and can leak the mbuf if no ACK is sent. An attacker on-path or able to establish a TCP connection can craft packets that trigger a challenge AC...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the tcprespond function returning and leaking the mbuf when an ACK should not be sent. This vulnerability could allow attackers to exploit the system by...

FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak)

Problem Description: When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. Impact: If an attacker is either on path with an established TCP...

curl: MQTT Protocol Packet Injection via Unchecked CONNACK Remaining Length

I'm not sure if this is a vulnerability or intended behavior, but I noticed that curl MQTT implementation accepts CONNACK packets with Remaining Length values greater than 2, which appears to violate the MQTT v3.1.1 specification. According to the MQTT spec, CONNACK packets should have a Remainin...

PT-2026-3405

Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A flaw exists in Open5GS that can lead to a denial of service. The issue is located in the sgwc s11 handle downlink data notification ack function within the src/sgwc/s11-handler.c file of the sgwc...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001037)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001037 advisory. net/ipv4/tcpinput.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hija...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002909 advisory. The tcpchecksendhead function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which...