Linux Distros Unpatched Vulnerability : CVE-2026-23393

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However,...

Funds can be stolen

Lines of code Vulnerability details Impact For L2, any deposit finalization should come from L1 bridge address. Now the MailBox contract is currently helping to simulate such calls to be coming from L1. The problem is if within zkSync ecosystem, a contract is deployed with address same as L1 brid...