CVE-2026-43187

Summary: CVE-2026-43187 affects the Linux kernel XFS freemap handling in xattr leaf entries. The root cause is a bug in the freemap update logic in _leaf_add that can leave behind zero‑length freemap entries with a nonzero base, and later entries could be updated incorrectly so freemap entries ov...

CVE-2026-43187

In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 "xfs: fix attr leaf header freemap.size underflow", Brian Foster observed that it's possible for a small freemap at the end of the end of the xattr...

CVE-2026-43153 xfs: remove xfs_attr_leaf_hasname

In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a valid buffer when xfsattr3leaflookupint returns -ENOATTR or -EEXIST, and ...

CVE-2026-6672

The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up to, and including, 1.2.7. This is due to insufficient input sanitization and output escaping on user-supplied attributes in the...

RLSA-2026:13670 Moderate: python-tornado security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

PT-2026-37527

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where a small freemap at the end of the xattr entries array can experience a size underflow during array expansion. This can result in zero-length...

PT-2026-37493

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A problem exists in the XFS filesystem component where the xfs attr leaf hasname function has a problematic calling convention. The function may return a NULL buffer if xfs attr3 leaf re...

PT-2026-38056

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

AlmaLinux 9 : python-tornado (ALSA-2026:13670)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:13670 advisory. tornado-python: Tornado: Denial of Service via large multipart bodies CVE-2026-31958 tornado: Tornado: Cookie attribute injection due to improper handlin...

RockyLinux 10 : python-tornado (RLSA-2026:13641)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13641 advisory. tornado-python: Tornado: Denial of Service via large multipart bodies CVE-2026-31958 tornado: Tornado: Cookie attribute injection due to improper...

Linux Distros Unpatched Vulnerability : CVE-2026-43153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a vali...

RockyLinux 9 : python-tornado (RLSA-2026:13670)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13670 advisory. tornado-python: Tornado: Denial of Service via large multipart bodies CVE-2026-31958 tornado: Tornado: Cookie attribute injection due to improper handli...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the shstkpopsigframe function not checking the return value of mmapreadlockkillable and not marki...

Cross-site Scripting (XSS)

Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the attribute process. An attacker can execute arbitrary JavaScript in the context of users who view a page by...

GHSA-R7FX-8G49-7HHR Grav CMS vulnerable to stored XSS via Markdown media attribute() action

Summary An authenticated user with page editing permissions can inject an executable JavaScript event-handler attribute into rendered image HTML through Grav's Markdown media action syntax. The issue is caused by Markdown image query parameters being converted into callable media actions. The...

CLSA-2026-1777944214 libcap: Fix of CVE-2026-4878

CVE-2026-4878: fix TOCTOU race in capsetfile by performing xattr writes via an ONOFOLLOW file descriptor instead of the user-supplied path...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the Update function. An attacker can cause the process to crash and disrupt service availability by sending a specially crafted BGP UPDATE message with inconsistent attribute lengths that leads to improper...

GHSA-P3W2-64XM-833J GoBGP has a panic in AdjRib.Update via malformed BGP Update message (Nil Pointer Dereference)

Summary Remote Denial of Service DoS via Nil Pointer Dereference in BGP Update Processing An unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent attribute lengths, it improperly...

EUVD-2026-27359

In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...

EUVD-2026-27349

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...