CVE-2026-53000

A flaw was found in the Linux kernel's netfilter component, specifically within the Network Address Translation NAT subsystem. This vulnerability involves improper memory management when releasing network filter operation structures. This could potentially allow an attacker to cause a system cras...

CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

EUVD-2026-39228

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

CVE-2026-53277

The CVE-2026-53277 issue affects the Linux kernel KVM arm64 path. walk_s1() and kvm_walk_nested_s2() are expected to run with kvm->srcu held to guard memslot changes, but __kvm_at_s12() and __kvm_find_s1_desc_level() invoke these walkers without acquiring SRCU. The fix adds acquiring kvm->s...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fixed the refcount leak in the address translation for armsmmudevice. The reference counting issue occurs in several exception handling paths of armsmmuiovatophyshard. When these error scenarios occur, the functio...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fixed the check for NULL values in the SCCB field. The tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after the...

CVE-2026-53520

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0...

CVE-2026-53520 Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0...

CVE-2026-53520 Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0...

CVE-2026-53520

Nezha Monitoring before 2.1.0 (vulnerable 2.0.14–pre-2.1.0) allows authenticated users to claim the dashboard Host via NAT and preempt all dashboard routing. CVSS 3.1 base score 6.5 (I: None, A: High). Patch: upgrade to 2.1.0. If upgrading is not feasible, apply the vendor advisory guidance from ...

EUVD-2026-36599

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0...

PT-2026-49002

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 2.0.14 through 2.0.99 Description Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. Recommendations Update to version 2.1.0...

CVE-2026-49475

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

CVE-2026-46325

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

CVE-2026-46325

Summary (details from sources): CVE-2026-46325 affects the Linux kernel RDMA/rxe code, where iova-to-va conversion fails when MR page_size differs from system PAGE_SIZE. The bug arises because rxe_set_page() uses mr->page_size steps while the page_list holds PAGE_SIZE pages, and ib_sg_to_page(...

CVE-2026-34193

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

CVE-2026-48132

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...

CVE-2026-34193

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

CVE-2026-34193

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...