CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

SUSE-SU-2026:0577-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2025-68276: Fixed refuse to create wide-area record browsers when wide-area is off bsc1256498 - CVE-2025-68471: Fixed DoS bug by changing assert to return bsc1256500 - CVE-2025-68468: Fixed DoS bug by removing incorrect assertion bsc1256499...

Splunk Cloud Platform和Splunk Enterprise 日志信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Enterprise and Splunk Clo...

CVE-2026-2523

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

EUVD-2026-6136

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

CVE-2026-2523

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

CVE-2026-2523

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

CVE-2026-2523

Open5GS Open5GS (up to 2.7.6) is affected in the SMF path, specifically the smf_gn_handle_create_pdp_context_request function in src/smf/gn-handler.c. The issue is a manipulation that leads to a reachable assertion, allowing remote exploitation. Public exploits exist and disclosure occurred with ...

CVE-2026-2523 Open5GS SMF gn-handler.c smf_gn_handle_create_pdp_context_request assertion

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38701)

In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2024-57924)

In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various reasons. The legacy users of exportfsencodefh, namely, nfsd and...

ROS-20260216-73-0046

A vulnerability in the avahialternativehostname function of the Avahi LAN service discovery system is related to a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

PT-2026-8294

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description An issue exists in Open5GS up to version 2.7.6 related to the smf gn handle create pdp context request function within the SMF component, specifically in the file /src/smf/gn-handler.c. The...

CVE-2026-25922

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cpswnew driver not executing the ndosetrxmode callback in the work queue, potentially leading...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to execute the ndosetrxmode callback in the work queue, potentially leading to...

OESA-2026-1350 tinyxml2 security update

TinyXML-2 is a simple, small, efficient, C++ XML parser that can be easily integrated into other programs. TinyXML-2 parses an XML document, and builds from that a Document Object Model DOM that can be read, modified, and saved. Security Fixes: TinyXML2 through 10.0.0 has a reachable assertion fo...

OESA-2026-1349 tinyxml2 security update

TinyXML-2 is a simple, small, efficient, C++ XML parser that can be easily integrated into other programs. TinyXML-2 parses an XML document, and builds from that a Document Object Model DOM that can be read, modified, and saved. Security Fixes: TinyXML2 through 10.0.0 has a reachable assertion fo...

FreeBSD : MongoDB Server -- CWE-617 Reachable Assertion (7b5671f9-0800-11f1-8a6f-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b5671f9-0800-11f1-8a6f-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-99119 reports: An authorized user may trigger a server crash by...