PT-2026-34988

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk verify authenticator copies auth len bytes into a temporary buffer and then passes p + auth len as the parser limit to rxgk do verify authenticator. Since p is a be32 , that...

PT-2026-34990

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc input packet on conn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpc try get cal...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rxrpcserverkeyring function not checking whether rx-securities has been set, resulting in a count...

PT-2026-34991

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpc alloc client call, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of incorrect private data in the rxrpcpostresponse function when comparing cached response...

PT-2026-34995

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak In rxrpc preparse xdr yfs rxgk, the memory attached to token-rxgk can be leaked in a few error paths after it's allocated. Fix this by freeing it in the "reject token:" case...

CVE-2026-41337

OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers with captured valid callbacks for live calls can exploit this to manipulate callback origins during...

CVE-2026-41337 OpenClaw < 2026.3.31 - Callback Origin Mutation in Plivo Voice-call Replay

OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers with captured valid callbacks for live calls can exploit this to manipulate callback origins during...

CVE-2026-41337 OpenClaw < 2026.3.31 - Callback Origin Mutation in Plivo Voice-call Replay

OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers with captured valid callbacks for live calls can exploit this to manipulate callback origins during...

CVE-2026-41337

OpenClaw before version 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay. Attackers who have captured valid live-call callbacks can mutate the in‑process callback origin during the replay process, enabling manipulation of callback origins. The CVE entry lists...

EUVD-2026-25268

OpenTelemetry dotnet: Unbounded grpc-status-details-bin parsing in OTLP/gRPC retry handling...

CVE-2026-4088

The Switch CTA Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wppwctabox' shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping on user-supplied post meta values including 'ctaboxbuttonlink',...

CVE-2026-40891 OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling

OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could...

BIT-KYVERNO-2026-40868 kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header...

nfc: nci: fix circular locking dependency in nci_close_device

...

CVE-2026-41197

Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...

SUSE CVE-2026-31445

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid use of half-online-committed context One major usage of damoncall is online DAMON parameters update. It is done by calling damoncommitctx inside the damoncall callback function. damoncommitctx can fail for tw...

CVE-2026-41197 Brillig: Heap corruption in foreign call results with nested tuple arrays

Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities were caused by a mutation vulnerability in the callback source during Plivo voice call replaying, allowing attackers...

OpenTelemetry .NET 安全漏洞

OpenTelemetry .NET is the .NET client of OpenTelemetry by OpenTelemetry Inc. There were security vulnerabilities in the version of OpenTelemetry .NET from 1.13.1 to 1.15.2. These vulnerabilities stemmed from the gRPC exporter’s ability to parse the grpc-status-details-bin trailer provided by the...