CVE-2026-46073

A flaw was found in the Linux kernel's hwmon subsystem, specifically within the powerz driver. When a signal interrupt occurs during the waitforcompletioninterruptibletimeout function, the system fails to properly abort the USB Request Block URB. This oversight can lead to the kernel attempting t...

CVE-2026-8362

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome...

CVE-2026-8362 Gladinet Triofox Stack-based Buffer Overflow in WOSDefaultHttpModule.dll

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome...

EUVD-2026-32643

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome...

CVE-2026-8363

CVE-2026-8363: A stack-based buffer overflow in WOSDeviceDropFolder.dll occurs when processing a long URL path starting with /resources. Documented under Gladinet Triofox; affected component is WOSDeviceDropFolder.dll. CVSS v3.1 shows a critical base score of 9.8 (Network, No user interaction, pr...

EUVD-2026-32642

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...

CVE-2026-8363 Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...

CVE-2026-8363

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...

CVE-2026-46066

A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...

JLSEC-2026-564 In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized...

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

CVE-2026-46088

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA control component. Improper validation of the buffer length before a string length operation in the sndctleleminitenumnames function can lead to a system panic. This vulnerability could allow a local attacker to trigger...

CVE-2026-46097

A flaw was found in the Linux kernel's edt-ft5x06 input driver. This vulnerability, a use-after-free, arises during the debugfs teardown, allowing debugfs files to be accessed after an associated buffer has been released. This could enable a local attacker to cause system instability or potential...

CVE-2026-46096

A flaw was found in the Linux kernel's tpm2-sessions component. The tpm2readpublic function fails to properly destroy a buffer on certain exit paths, leading to a page allocation leak. This resource exhaustion could allow a local attacker to cause a Denial of Service DoS...

SUSE-SU-2026:21854-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

EUVD-2026-32286

In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...

EUVD-2026-32269

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

EUVD-2026-32387

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtdparsertplinksafeloaderparse The function mtdparsertplinksafeloaderparse allocates buf via mtdparsertplinksafeloaderreadtable. If the allocation for partsidx.name fails inside the loop, the code...

EUVD-2026-32374

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sgalloctablefrompages or dmamapsgtable fail...

EUVD-2026-32350

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid per-cpu hold underflow in aagetbuffer When aagetbuffer pulls from the per-cpu list it unconditionally decrements cache-hold. If hold reaches 0 while count is still non-zero, the unsigned decrement wraps to UINTMAX...

EUVD-2026-32355

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...