Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VMFAULTSIGSEGV in mmfaulterror Handle VMFAULTSIGSEGV in the page fault path so that we correctly kill the process and we don't BUG the kernel...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log-pagemask,bits if log-pagesize changes. If an NTFS file system is mounted to another system with a different PAGESIZE than the original system, log-pagesize will change in logreplay, but log-pagemask,bits will...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netdevsim: Avoid potential loops in nsimdevtrapreportwork. Many syzbot reports include the following trace 1. If nsimdevtrapreportwork cannot acquire the mutex, it should rearm itself at least one jiffie later. 1 Sending NMI...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/zswap: fixed an inconsistency when zswapstorepage fails. The commit b7c0ccdfbafd “mm: zswap: support large folios in zswapstore” skips charging any zswap entries when it fails to zswap the entire folio. However, when some...

EUVD-2026-25857

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2026-31638

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...

CVE-2026-31486

The CVE-2026-31486 entry concerns the Linux kernel hwmon/pmbus/core regulator operations (get_voltage, set_voltage, list_voltage) not being mutex-protected, risking race conditions when accessing PMBus registers and shared data. The fix reworks pmbus_regulator_notify() to perform notifications vi...

Linux Distros Unpatched Vulnerability : CVE-2026-31486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: pmbus/core Protect regulator operations with mutex The regulator operations pmbusregulatorgetvoltage, pmbusregulatorsetvoltage, and...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010964)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010964 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'stru...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011202)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011202 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure If creation or...

Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zer...

Malicious Package

Overview base-x-64 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

net: phy: register phy led_triggers during probe to avoid AB-BA deadlock

...

CVE-2026-23368

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled: 1362.049207 ledtriggerregister+0x5c/0x1fc...

Malicious Package

Overview wildhunter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview winderlingz is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

Malicious Package

Overview n8n-nodes-csv-parse is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications

This report introduces the concept of "Highly Autonomous Cyber-Capable Agents" HACCAs, AI systems capable of autonomously conducting multi-stage cyber campaigns at a level comparable to today's top criminal hacking groups or state-affiliated threat actors, and analyzes the security implications o...

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming Add sanity check in irisvb2stopstreaming. If inst-state is already IRISINSTERROR, we should skip the streamoff operation because it would still send packets to the firmware. In...