
1401 matches found

OSV
added 2026/01/14 9:15 p.m., 3 views

CVE-2026-0861

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4 CVSS, 5.8 AI score
Exploits: 0, References: 3
UbuntuCve
added 2026/01/14 9:15 p.m., 2 views

CVE-2026-0861

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4 CVSS, 6 AI score, 0.00352 EPSS
Exploits: 1, References: 2
OSV
added 2026/01/14 9:15 p.m., 3 views

UBUNTU-CVE-2026-0861

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4 CVSS, 7.3 AI score, 0.00352 EPSS
Exploits: 1, References: 3
EUVD
added 2026/01/14 9:1 p.m., 3 views

EUVD-2026-2441

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc, valloc, pvalloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption...

8.4 CVSS, 6.3 AI score, 0.00352 EPSS
Exploits: 1, References: 2
ATTACKERKB
added 2026/01/14 9:1 p.m., 7 views

CVE-2026-0861

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4 CVSS, 5.8 AI score, 0.00352 EPSS
Exploits: 1, References: 3, Affected Software: 1
Debian CVE
added 2026/01/14 9:1 p.m., 2 views

CVE-2026-0861

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4 CVSS, 8.1 AI score, 0.00352 EPSS
Exploits: 1
Vulnrichment
added 2026/01/14 9:1 p.m., 4 views

CVE-2026-0861 Integer overflow in memalign leads to heap corruption

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

6.6 AI score, 0.00352 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2026/01/14 12:0 a.m., 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001381 advisory. A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget which are aligned to PUD...

4.4 CVSS, 6.5 AI score, 0.0052 EPSS
Exploits: 1, References: 4
CNNVD
added 2026/01/14 12:0 a.m., 4 views

GNU C Library Security Vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. A security vulnerability exists in the GNU C Library versions 2.30 through 2.42, which stems from the fact that passing too large an alignment value to the memalign family of...

8.4 CVSS, 7.2 AI score, 0.00352 EPSS
Exploits: 1, References: 4
Packet Storm News
added 2026/01/12 12:0 a.m., 8 views

When Bots Take the Bait: Exposing and Mitigating the Emerging Social Engineering Attack in Web Automation Agent

Web agents, powered by large language models (LLMs), are increasingly deployed to automate complex web interactions. The rise of open-source frameworks (e.g., Browser Use, Skyvern-AI) has accelerated adoption, but also broadened the attack surface. While prior research has focused on model threats su...

7.4 AI score
Exploits: 0
Packet Storm News
added 2026/01/08 12:0 a.m., 7 views

CurricuLLM: Designing Personalized and Workforce-Aligned Cybersecurity Curricula Using Fine-Tuned LLMs

The cybersecurity landscape is constantly evolving, driven by increased digitalization and new cybersecurity threats. Cybersecurity programs often fail to equip graduates with skills demanded by the workforce, particularly concerning recent developments in cybersecurity, as curriculum design is...

6.8 AI score
Exploits: 0
Packet Storm News
added 2026/01/02 12:0 a.m., 5 views

Emoji-Based Jailbreaking of Large Language Models

Large Language Models (LLMs) are integral to modern AI applications, but their safety alignment mechanisms can be bypassed through adversarial prompt engineering. This study investigates emoji-based jailbreaking, where emoji sequences are embedded in textual prompts to trigger harmful and unethical...

7.2 AI score
Exploits: 0
Positive Technologies
added 2026/01/01 12:0 a.m., 4 views

PT-2026-27748

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw related to the BPF JIT allocator. The allocator requests 4-byte alignment for the JIT buffer, but the bpf_plt structure contains a 64-bit u64 target fiel...

7.8 CVSS, 5.8 AI score, 0.00129 EPSS
Exploits: 0, References: 356
Packet Storm News
added 2025/12/27 12:0 a.m., 3 views

Toward Real-World IoT Security: Concept Drift-Resilient IoT Botnet Detection Via Latent Space Representation Learning and Alignment

Although AI-based models have achieved high accuracy in IoT threat detection, their deployment in enterprise environments is constrained by reliance on stationary datasets that fail to reflect the dynamic nature of real-world IoT NetFlow traffic, which is frequently affected by concept drift...

6.8 AI score
Exploits: 0
Cvelist
added 2025/12/24 3:51 p.m., 24 views

CVE-2025-68750 usb: potential integer overflow in usbg_make_tpg()

In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg(). The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assigned to tpgt->tport_tpgt, which is defined as u16. This may cause an integer overflow when tpgt is greater than...

0.0018 EPSS
Exploits: 0, References: 8
NVD
added 2025/12/24 1:16 p.m., 3 views

CVE-2023-54116

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibit potential out-of-bounds access. The fbdev test of IGT may write after EOF, which lead to out-of-bound access for drm drivers with fbdev-generic. For example, run fbdev test on a x86+ast2400 platform, wi...

0.00173 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2025/12/24 12:0 a.m., 4 views

PT-2025-52961

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contained a null pointer dereference issue within the UDPLITE protocol handling, specifically in the __sk_mem_raise_allocated function. This issue was identified through...

6.3 AI score, 0.00173 EPSS
Exploits: 0, References: 9
SUSE CVE
added 2025/12/18 12:23 a.m., 2 views

SUSE CVE-2025-68308

In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: leaf: Fix potential infinite loop in command parsers. The kvaser_usb_leaf_wait_cmd and kvaser_usb_leaf_read_bulk_callback functions contain logic to zero-length commands. These commands are used to align data to the USB...

5.5 CVSS, 6.8 AI score, 0.00161 EPSS
Exploits: 0, References: 21
Positive Technologies
added 2025/12/18 12:0 a.m., 2 views

PT-2026-22652

Name of the Vulnerable Software and Affected Versions: Qualcomm Android components (versions prior to 2026-03-05). Description: A high-severity memory corruption issue exists in Qualcomm graphics components used in Android devices. The vulnerability, identified as CVE-2026-21385, is an integer overflo...

7.8 CVSS, 7.5 AI score, 0.01068 EPSS
Exploits: 3, References: 179
SUSE CVE
added 2025/12/17 12:24 a.m., 1 view

SUSE CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hung_task: fix warnings caused by unaligned lock pointers. The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

6.4 AI score, 0.00158 EPSS
Exploits: 0, References: 3