CVE-2026-10641

Zephyr's Bluetooth Classic Hands-Free Profile HFP Hands-Free role parser subsys/bluetooth/host/classic/hfphf.c contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cindhandle, which assigns a per-entry counter index a...

CVE-2026-10641 Out-of-bounds write in Bluetooth HFP Hands-Free CIND indicator parsing (cind_handle_values)

Zephyr's Bluetooth Classic Hands-Free Profile HFP Hands-Free role parser subsys/bluetooth/host/classic/hfphf.c contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cindhandle, which assigns a per-entry counter index a...

EUVD-2026-37702

Zephyr's Bluetooth Classic Hands-Free Profile HFP Hands-Free role parser subsys/bluetooth/host/classic/hfphf.c contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cindhandle, which assigns a per-entry counter index a...

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Chromium: CVE-2026-11699 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11698 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11641 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11635 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11633 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-12222

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

CVE-2026-12222 Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

CVE-2026-12222

CVE-2026-12222 affects Yealink SIP-T46U (firmware 108.86.0.118) via the Web FastCGI Service: function mod_webd.BlueToothTest in /api/inner/bttest, where manipulating btMac/pin/reserved can trigger a stack-based overflow. Exploitation reportedly public and feasible within a local network; vendor d...

CVE-2026-11535

An unauthorized access vulnerability exists in the PcSuite APP. The vulnerability can be exploited by attackers to Unauthorized access to the victim’s device...

CVE-2026-11535

An unauthorized access vulnerability exists in the PcSuite APP. The vulnerability can be exploited by attackers to Unauthorized access to the victim’s device...

EUVD-2026-36391

An unauthorized access vulnerability exists in the PcSuite APP. The vulnerability can be exploited by attackers to Unauthorized access to the victim’s device...

CVE-2026-11535

CVE-2026-11535 affects the PcSuite APP. The connected documents describe an authentication mechanism defect in PcSuite that can allow information leakage within Bluetooth range, leading to unauthorized access to victim devices. The NVD and CVE listings repeat the same description of unauthorized ...

OPENSUSE-SU-2026:20944-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 149.0.7827.102 boo1267911: CVE-2026-11628: Use after free in Ozone CVE-2026-11629: Use after free in Ozone CVE-2026-11630: Use after free in File Input CVE-2026-11631: Use after free in Aura CVE-2026-11632: Use...