Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011026)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011026 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsicoexattach The coexcb needs to be freed when rsicreatekthread...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013182 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpusreadlock to cgroupattachtaskall syzbot is hitting...

CVE-2026-3464 WP Customer Area <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Read/Deletion via ajax_attach_file

The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in the 'ajaxattachfile' function in all versions up to, and including, 8.3.4. This makes it possible for authenticated attackers with a role that an administrator...

CVE-2026-3464

The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in the 'ajaxattachfile' function in all versions up to, and including, 8.3.4. This makes it possible for authenticated attackers with a role that an administrator...

CVE-2026-3464 WP Customer Area <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Read/Deletion via ajax_attach_file

The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in the 'ajaxattachfile' function in all versions up to, and including, 8.3.4. This makes it possible for authenticated attackers with a role that an administrator...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007261)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007261 advisory. In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007265 advisory. In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budgetavattach When saa7146registerdevice and saa7146vvinit...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007550 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsicoexattach The coexcb needs to be freed when rsicreatekthread...

CVE-2026-35469

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006678)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006678 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in deviceattach In deviceattach function, The lock holding logic is as...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006687)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006687 advisory. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driverattach failed When driverattachdrv %NASLMINLEVEL 80900 C Tenabl...

Uncontrolled Resource Consumption

github.com/containerd/containerd is vulnerable to uncontrolled resource consumption. The vulnerability is due to goroutine leaks in the attach mechanism, which allows an attacker to exhaust host memory by repeatedly initiating attach requests...

EUVD-2026-15351

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled: 1362.049207 ledtriggerregister+0x5c/0x1fc...

Linux Distros Unpatched Vulnerability : CVE-2026-23368

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled:...

EUVD-2025-208844

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...

EulerOS 2.0 SP12 : containerd (EulerOS-SA-2026-1353)

According to the versions of the containerd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and...

EulerOS 2.0 SP10 : containerd (EulerOS-SA-2026-1329)

According to the versions of the containerd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and...

EulerOS 2.0 SP13 : docker-engine (EulerOS-SA-2026-1266)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and...

EulerOS 2.0 SP13 : docker-engine (EulerOS-SA-2026-1230)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005646 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under...