CVE-2026-46024 libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

EUVD-2026-32405

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

CVE-2026-46024

CVE-2026-46024 targets the Linux kernel libceph component, where a CEPH_MSG_AUTH_REPLY containing zero values for both protocol and result could lead to a null pointer dereference due to ac->ops being NULL after faulty auth handling. The root cause is that a too-permissive check allowed ac-&gt...

CVE-2026-45964 SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

SUSE CVE-2026-48847

Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass...

Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts

...

CVE-2026-3896

The Livemesh SiteOrigin Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lsowadminajax AJAX action in all versions up to, and including, 3.9.2 due to missing authorization checks and insufficient input sanitization. The AJAX handler verifies a nonce but does not...

CVE-2026-8787

The CVE applies to the WordPress plugin Firebase Support & Chat Management (up to version 3.1.1 ). The root cause is in the firebase_auth() function, which authenticates using the target WordPress user’s email supplied in the user_email POST parameter without verifying ownership or issuing a vali...

CVE-2026-8787 Firebase Support & Chat Management <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the firebaseauth function authenticating the request as the WordPress user whose email is supplied in the useremail POST parameter without...

CVE-2026-8787

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the firebaseauth function authenticating the request as the WordPress user whose email is supplied in the useremail POST parameter without...

Xiaomi Mi WiFi R3G Routers - Local file Inclusion

Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnerabilities via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. id: CVE-2019-18371...

Ivanti Sentry - Authentication Bypass

A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. id: CVE-2023-38035 info: name: Ivanti...

Yamcs has No Rate Limiting on Authentication Endpoint

Summary The authentication endpoint POST /auth/token in yamcs-core lacks any form of rate limiting, account lockout, or failed attempt throttling. As a result, an unauthenticated remote attacker can perform unlimited password guessing attempts against any user account. This missing rate limiting...

CVE-2026-45870

SUNRPC: authgss: fix memory leaks in XDR decoding error paths...

PT-2026-43831

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kref leak exists in the SUNRPC component. In the gss alloc msg function, a kref get&gss auth-kref call was implemented to balance the gss put auth operation performed in gss release ms...

Linux Distros Unpatched Vulnerability : CVE-2026-46024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this ...

PT-2026-44151

Summary AsyncSSH 2.22.0 expands the OpenSSH-compatible AuthorizedKeysFile %u token with the raw SSH username during pre-authentication server config reload. A server configured with a documented per-user key pattern such as AuthorizedKeysFile authorized keys/%u can be made to read an...

PT-2026-43891

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur in the ceph handle auth reply function within libceph. This happens when a message of type 'CEPH MSG AUTH REPLY' contains zero values for both the...

CVE-2026-45575 epa4all-client: Improper Verification of Cryptographic Signature

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects uripukidpenc and...