103 matches found
PT-2026-43567
AgentClient handle_method (lines 264-303) processes every NATS reply. It calls inject_compile_log (line 273) on every response, which reads response['value']['result']['compile_log_id'] (lines 332-338) and passes it to download_and_delete_blob. Separately, any response containing 'exception' goes through forma...
CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg. DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
Linux Distros Unpatched Vulnerability : CVE-2026-43287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Account property blob allocations to memcg. DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory...
GHSA-FPF5-4JW8-67X8 rust-zserio has Unbounded Memory Allocation
Impact When deserializing arrays, strings or bytes blob types zserio first reads the size of the variable, and then allocates sufficient memory to load data. Since the size is always trusted this can be abused by creating a data file with a large size value, causing the zserio runtime to allocate...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass due to the possibility to restore read access in repo a after an explicit delete when both storage.cache.blobdescriptor: redis and storage.delete.enabled: true are enabled. An attacker can regain unauthorized read...
CVE-2026-35172 Distribution has stale blob access resurrection via repo-scoped redis descriptor cache invalidation
Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...
Linux Distros Unpatched Vulnerability : CVE-2026-23471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug. When trying to do a rather aggressive test of igt's xe_module_load --r reload...
EUVD-2026-18742
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug. When trying to do a rather aggressive test of igt's "xe_module_load --r reload" with a full desktop environment and game running I noticed a few...
CVE-2026-23471
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2026-23471
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-23471
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug. When trying to do a rather aggressive test of igt's "xe_module_load --r reload" with a full desktop environment and game running I noticed a few...
CVE-2026-23471
CVE-2026-23471 documents a use-after-free in the Linux kernel DRM subsystem, specifically involving framebuffers and property blobs during drm_dev_unplug. The issue manifested as OOPSes and dereferencing freed pointers after compositor exit, ultimately risking a crash or instability in graphics s...
PT-2026-30165
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug. When trying to do a rather aggressive test of igt's "xe_module_load --r reload" with a full desktop environment and game running I noticed a f...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the Blobs::ProxyController. An attacker can exhaust server memory by sending requests with large or unbounded range headers. Remediation Upgrade activestorage to version 7.2.3.1, 8.0.4.1,...
Improper Handling of Length Parameter Inconsistency
Overview Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency in the readGGUFV1String function, which is exposed over the /blobs and /create endpoints. An attacker can cause the service to become unavailable by submitting malicious GGUF metadata...
CVE-2022-0687
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users with the custom "Amelia Manager" role...
Linux Distros Unpatched Vulnerability : CVE-2025-10004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instan...
BIT-GITLAB-2025-10004 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by sending crafted GraphQL queries requesting large repository blobs...