EUVD-2026-38565

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private could remain reachable without authentication for a short period after the change, due to a cached...

PT-2026-45903

Name of the Vulnerable Software and Affected Versions Vinyl Cache versions prior to 9.0.1 Varnish Cache versions prior to 9.0.3 Description A deficiency in HTTP/2 request parsing allows for backend request desync attacks, also known as request smuggling. This occurs when the frontend and backend...

PT-2026-40778

Name of the Vulnerable Software and Affected Versions AMD Zen 2-based products affected versions not specified Description Improper isolation of shared resources within the CPU operation op/µop cache on Zen 2-based products can cause incorrect instructions to be executed at a higher privilege...

Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017656)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017656 advisory. A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that...

SUSE CVE-2026-34079

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...

PT-2026-31343

Name of the Vulnerable Software and Affected Versions Red Hat Quay affected versions not specified Description A flaw exists in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay establishes a network...

K000160295: Intel CPU vulnerability CVE-2025-20109

Security Advisory Description Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-20109 Impact This vulnerability may allow an authenticated use...

PT-2026-22204

Name of the Vulnerable Software and Affected Versions wger versions prior to 2.4 Description The software contains a flaw where routine detail action endpoints check a cache before verifying object ownership using self.get object. Cache keys are scoped only by the primary key pk and do not includ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001384 advisory. fpregsstatevalid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...

CVE-2025-59029

PowerDNS Recursor exposes CVE-2025-59029: an attacker can trigger an assertion failure by sending crafted DNS records and then querying with qtype=ANY after records are cached. The issue affects the PowerDNS Recursor family per multiple CNVD/NVD/CVE records; the NVD metrics indicate NETWORK attac...

powerdns-recursor -- Denial of Service

PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial of service in Recursor 2025-08: Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor 2026-01: Crafted zones can lead to increased resource usage in Recursor...

Apple多款产品 安全漏洞

Apple Safari and others are products of Apple Inc. Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. A security vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2018-19143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Ticket Request System OTRS 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified...

Linux Distros Unpatched Vulnerability : CVE-2022-23959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x...

Nx 安全漏洞

Nx is an application from Nx, Inc. A security vulnerability exists in Nx that stems from a design flaw in the bucket-based remote cache that could lead to the injection of compromised artifacts into a trusted production environment...

PT-2025-49592

Name of the Vulnerable Software and Affected Versions pdns-recursor affected versions not specified Description An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP. This impacts pdns-recursor in Debian Linux. Recommendations At the moment, there is no...

glibc: netgroup cache may terminate daemon on memory allocation failure

A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure...

AZL-40222 CVE-2024-0874 affecting package coredns for versions less than 1.11.1-8

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching...

PT-2024-3321

Name of the Vulnerable Software and Affected Versions glibc versions 2.15 and later Description The Name Service Cache Daemon's nscd cache fails to add a not-found netgroup response to the cache, resulting in a null pointer dereference when a client request is made. This flaw was introduced in...

SUSE CVE-2017-8819

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue...