
3911 matches found

CVE
added 2026/04/22 1:53 p.m. | 4 views

CVE-2026-31453

The CVE-2026-31453 issue affects the Linux kernel XFS path. The root cause is use-after-free-like behavior: after xfsaild_push_item() calls iop_push(), the log item could be freed if the AIL lock is dropped, allowing a freed log item to be dereferenced by tracepoints in the switch that follow. Th...

7.8 CVSS | 5.7 AI score | 0.00015 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
RedHat Linux
added 2026/04/22 7:48 a.m. | 3 views

freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb

A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion...

8.7 CVSS | 5.8 AI score | 0.00022 EPSS
Exploits: 0 | References: 6
CNNVD
added 2026/04/22 12:0 a.m. | 5 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a null pointer check in l2cap_sock_ready_cb, potentially leading to uninitialized point...

5.5 CVSS | 5.8 AI score | 0.00015 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/22 12:0 a.m. | 2 views

PT-2026-34415

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A null pointer dereference exists in the Bluetooth L2CAP component. The issue occurs within the l2cap_sock_ready_cb function when the sk pointer is used without verifying if it is null...

5.5 CVSS | 5.4 AI score | 0.00015 EPSS
Exploits: 0 | References: 20
Positive Technologies
added 2026/04/22 12:0 a.m. | 4 views

PT-2026-34392

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A Use-After-Free (UAF) issue exists in the SPI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...

5.5 CVSS | 5.7 AI score | 0.00013 EPSS
Exploits: 0 | References: 17
Positive Technologies
added 2026/04/22 12:0 a.m. | 2 views

PT-2026-34620

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the from pem callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of...

6.3 CVSS | 5.5 AI score | 0.00158 EPSS
Exploits: 0 | References: 8
Tenable Nessus
added 2026/04/22 12:0 a.m. | 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013498 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of...

5.5 CVSS | 6.5 AI score | 0.00018 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 0 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010909 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table callback. With clang's kernel control...

5.8 AI score | 0.00024 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013154)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013154 advisory. In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver,...

5.6 AI score | 0.00061 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 0 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010698 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e...

7.8 CVSS | 5.9 AI score | 0.00049 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 0 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010693 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of...

5.5 CVSS | 6.4 AI score | 0.00018 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 0 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006989)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006989 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init. arm_smmu_pmu_init won't remove the callback...

5.5 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 4
Hacker One
added 2026/04/18 11:22 p.m. | 7 views

curl: Use-after-free in `curl_easy_ssls_export()` during callback re-entrancy

Summary: curl_easy_ssls_export iterates the SSL session list and invokes a caller-provided callback for each entry. If that callback calls curl_easy_ssls_import on the same easy handle, the import path can evict and free the current session node while the export loop still holds it. The subsequent...

5.5 AI score
Exploits: 0
GithubExploit
added 2026/04/18 7:37 p.m. | 99 views

Exploit for CVE-2025-6389

CVE-2025-6389 Sneeit Framework = 8.3 - Unauthenticated Rem...

9.8 CVSS | 7.3 AI score | 0.01178 EPSS
Exploits: 3
CNNVD
added 2026/04/18 12:0 a.m. | 5 views

Apache Airflow security vulnerability

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

5.4 CVSS | 5.8 AI score | 0.00024 EPSS
Exploits: 0 | References: 2
Snyk
added 2026/04/17 10:42 p.m. | 1 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the GitHub OAuth callback handler when the refreshInterval query parameter is embedded verbatim into an error message and rendered unescaped into HTML. An attacker can execute arbitrary JavaScript in the...

6.1 CVSS | 5.9 AI score | 0.00012 EPSS
Exploits: 0 | References: 2
Snyk
added 2026/04/17 10:42 p.m. | 2 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the GitHub OAuth callback handler when the refreshInterval query parameter is embedded verbatim into an error message and rendered unescaped into HTML. An attacker can execute arbitrary JavaScript in the...

6.1 CVSS | 5.5 AI score | 0.00012 EPSS
Exploits: 0 | References: 2
Snyk
added 2026/04/17 10:42 p.m. | 3 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the GitHub OAuth callback handler when the refreshInterval query parameter is embedded verbatim into an error message and rendered unescaped into HTML. An attacker can execute arbitrary JavaScript in the...

6.1 CVSS | 5.5 AI score | 0.00012 EPSS
Exploits: 0 | References: 2
Snyk
added 2026/04/17 10:42 p.m. | 2 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the GitHub OAuth callback handler when the refreshInterval query parameter is embedded verbatim into an error message and rendered unescaped into HTML. An attacker can execute arbitrary JavaScript in the...

6.1 CVSS | 5.9 AI score | 0.00012 EPSS
Exploits: 0 | References: 2
Snyk
added 2026/04/17 10:32 p.m. | 0 views

Insecure Default Initialization of Resource

Overview: @openclaw/feishu is an OpenClaw Feishu/Lark channel plugin community maintained by @m1heng. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via improper validation of the encryptKey configuration and blank callback tokens. An attacker can ga...

9.8 CVSS | 5.8 AI score | 0.00184 EPSS
Exploits: 1 | References: 3