SUSE SLES15 Security Update : kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:2191-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2191-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.200 fixes various security issues The following security issues were fixed: ...

From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents

Memory is a core component of AI agents, enabling them to accumulate knowledge across interactions and improve performance. However, persistent memory introduces the risk of memory poisoning, where a single adversarial memory write can exert long-term influence over agent behavior. We present a...

PT-2026-45886

Name of the Vulnerable Software and Affected Versions johnhuang316 code-index-mcp versions prior to 2.14.1 Description A weakness exists in the is safe regex pattern function within the search code advanced component. A remote attacker can manipulate the regex argument to cause inefficient regula...

SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2133-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2133-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.37 fixes various security issues The following security issues were fixed: -...

PT-2026-46758

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in TabGroups allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, via malicious...

RockyLinux 8 : httpd:2.4 (RLSA-2026:22140)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22140 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in...

PT-2026-45683

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm state security mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an...

PT-2026-45834

Name of the Vulnerable Software and Affected Versions React Router versions 7.0.0 through 7.14.1 Description When using Framework Mode, a combination of steps could allow unauthorized remote code execution RCE through external requests. This occurs because the vendored turbo-stream v2 can be abus...

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2131-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2131-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.34 fixes various security issues The following security issues were fixed: -...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2200-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2200-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.302 fixes various security issues The following security issues were fixe...

PT-2026-46521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient data validation in the Animation component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

Apache httpd -- DoS exploit in HTTP/2

Calif security reports: Remote DoS in modhttp2...

SUSE-SU-2026:22033-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

SUSE-SU-2026:21971-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit bsc1265224. ...

CVE-2026-10299

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

CVE-2026-10297

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /managecourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

CVE-2026-10299

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

CVE-2026-10299 code-projects Online Hospital Management System viewdoctortimings.php resource injection

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

CVE-2026-10298

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...

CVE-2026-10298 ggml-org whisper.cpp ggml.c whisper_model_load null pointer dereference

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...