Exploit for CVE-2026-31431

copyfail-rs A Rust implementation of the Copy Fail exploi...

Exploit for CVE-2026-31431

CVE-2026-31431 — Local Privilege Escalation via AFALG !N...

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Exploit A Linux kernel page cache co...

Exploit for CVE-2026-31431

SSIA - System Structural Integrity Audit A tool kit for disco...

Exploit for CVE-2026-31431

Wazuh SCA policy: Copy Fail CVE-2026-31431 This policy file...

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Detection Toolkit Detection and an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A local elevation of privilege vulnerability exists in the Linux kernel, which stems from a flaw in the logic of the crypto: algifaead module when handling AEAD operations, and...

UBUNTU-CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50453: gpiolib: cdev: fix NULL-pointer dereferences bsc1250887. CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue...

SUSE-SU-2026:20931-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-39753: gfs2: Set .migratefolio in gfs2rgrp,metaaops bsc1249590. - CVE-2025-39964: crypto: afalg - Disallow concurrent writes in afalgsendmsg bsc1251966. -...

CVE-2026-28802 Authlib: Setting `alg: none` and a blank signature appears to bypass signature verification

Authlib is a Python library which builds OAuth and OpenID Connect servers. From version 1.6.5 to before version 1.6.7, previous tests involving passing a malicious JWT containing alg: none and an empty signature was passing the signature verification step without any changes to the application co...

GHSA-7WC2-QXGW-G8GG Authlib: Setting `alg: none` and a blank signature appears to bypass signature verification

Summary After upgrading the library from 1.5.2 to 1.6.0 and the latest 1.6.5 it was noticed that previous tests involving passing a malicious JWT containing alg: none and an empty signature was passing the signature verification step without any changes to the application code when a failure was...

Parse Server 数据伪造问题漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. Versions of Parse Server prior to 8.6.3 and 9.1.1-alpha.4 contained a data manipulation vulnerability. This vulnerability stemmed from an unverified attacker being...

Unbreakable Enterprise kernel security update

5.4.17-2136.351.3.2 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38855323 CVE-2025-40280 - tipc: simplify the finalize work queue Xin Long Orabug: 38855323 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38855319 CVE-2025-40248 ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001159)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001159 advisory. The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a loc...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003937)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003937 advisory. In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004325 advisory. In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000957 advisory. crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service NULL pointer dereference and system crash by using an AFALG socket...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000663 advisory. crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is...

EUVD-2026-2687

A Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the SIP application layer gateway ALG of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow...