3912 matches found

OSV
added 2026/05/04 1:12 p.m. | 3 views

JLSEC-2026-410

An information disclosure vulnerability exists in curl v8.1.0. When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPT_READFUNCTION to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request...

CVSS 5.3 | AI score 6.6 | EPSS 0.00631
Exploits: 1 | References: 24

OSV
added 2026/05/04 1:12 p.m. | 3 views

JLSEC-2026-396

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPT_READFUNCTION to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

CVSS 9.8 | AI score 7.2 | EPSS 0.01853
Exploits: 1 | References: 22

IBM Security Bulletins
added 2026/05/04 12:18 p.m. | 8 views

Security Bulletin: pyOpenSSL TLS SNI Callback Exception Handling Flaw Allows Security Bypass

Summary: pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user-provided callback to set_tlsext_servername_callback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this...

CVSS 9.8 | AI score 5.9 | EPSS 0.00043
Exploits: 0 | Affected Software: 1

AstraLinux
added 2026/05/03 11:59 p.m. | 6 views

Astra Linux - vulnerability in curl

When performing HTTPS transfers, libcurl may incorrectly use the read callback CURLOPT_READFUNCTION to request data to be sent, even when the CURLOPT_POSTFIELDS option has been set. This occurs if the same handle was previously used to issue a PUT request that utilized that callback. This flaw may...

CVSS 9.8 | AI score 6.7 | EPSS 0.01853
Exploits: 1 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 6 views

Astra Linux - vulnerability in ansible

A flaw was discovered in Ansible’s amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to exploit the issue, as the module handles the parameter insecurely, resulting in the password being leaked in the logs...

CVSS 7.5 | AI score 6.9 | EPSS 0.00228
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dm: fixed a use-after-free in dm_cleanup_zoned_dev. dm_cleanup_zoned_dev uses a queue, so it must be called before blk_cleanup_disk starts its execution: blk_cleanup_disk->blk_cleanup_queue->kobject_put->blk_release_queue->...

CVSS 7.8 | AI score 6.1 | EPSS 0.00148
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Properly handle CPU state during hotplug events. Consider a scenario where a CPU transitions from CPUHP_ONLINE to CPUHP_HRTIMERS_PREPARE after a CPU is unplugged, and then back to CPUHP_ONLINE again. Since the...

CVSS 7.8 | AI score 6.6 | EPSS 0.00012
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux - vulnerability in linux, linux-5.15, linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Do not discard the remove function when the driver is built-in. Using __exit for the remove function results in the remove callback being discarded when CONFIG_VIDEO_ET8EK8=y. When such a device is unbound e.g.,...

CVSS 5.5 | AI score 6.2 | EPSS 0.00018
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux - vulnerability in linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in arm_smmu_pmu_init. arm_smmu_pmu_init does not remove the callback added by cpuhp_setup_state_multi when platform_driver_register fails. The callback must be removed by cpuhp_remove_multi_state in...

CVSS 5.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: xc2028: Avoid use-after-free in load_firmware_cb. Syzkaller reported a use-after-free in load_firmware_cb. The reason is that the module allocated a struct tuner in tuner_probe, and then the module initialization failed, causing...

CVSS 7.8 | AI score 6.3 | EPSS 0.00023
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: davinci: vpif: fix use-after-free on driver unbind. The driver allocates and registers two platform device structures during probe, but the devices were never deregistered on driver unbind. This results in a use-after-free ...

CVSS 7.8 | AI score 6.1 | EPSS 0.00021
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/connector: Only call HDMIaudiohelperpluggedcb if fn is not null. During driver removal, sound/soc/codecs/hdmi-codec.c calls HDMIaudiohelperpluggedcb with NULL as the callback function and codec_dev. As seen in its hdmi_remove...

CVSS 5.5 | AI score 5.7 | EPSS 0.00074
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux - vulnerability in linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: perf/arm_dmc620: Fixed the hotplug callback leak in dmc620_pmu_init. The dmc620_pmu_init function does not remove the callback added by cpuhp_setup_state_multi when platform_driver_register fails. The callback must be removed by...

AI score 5.8 | EPSS 0.00021
Exploits: 0 | References: 1

ATTACKERKB
added 2026/05/02 4:27 a.m. | 0 views

CVE-2026-4658

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the className, classHook, and blockId attributes in the Add to Cart block essential-blocks/add-to-cart in all versions up to, and including, 6.0.4. This...

CVSS 6.4 | AI score 6 | EPSS 0.00027
Exploits: 0 | References: 11

RedhatCVE
added 2026/05/02 2:47 a.m. | 3 views

CVE-2026-7518

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

CVSS 5.3 | AI score 5.5 | EPSS 0.00017
Exploits: 0 | References: 1

SUSE CVE
added 2026/05/02 1:25 a.m. | 5 views

SUSE CVE-2026-31701

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in create_card. The caiaq driver stores a pointer to the parent USB device in cdev->chip.dev but never takes a reference on it. The card's private_free callback, snd_usb_caiaq_card_free, ca...

CVSS 5.3 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 3

SUSE CVE
added 2026/05/02 1:25 a.m. | 4 views

SUSE CVE-2026-31719

In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification. krb5enc_dispatch_decrypt sets req->base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...

CVSS 7.5 | AI score 5.7 | EPSS 0.00039
Exploits: 0 | References: 3

CNNVD
added 2026/05/02 12:0 a.m. | 6 views

WordPress plugin Essential Blocks cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVSS 6.4 | AI score 5.8 | EPSS 0.00027
Exploits: 0 | References: 1

NVD
added 2026/05/01 3:16 p.m. | 1 views

CVE-2026-43021

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails. When hci_cmd_sync_queue_once returns with error, the destroy callback will not be called. Fix leaking references / memory on these failures...

CVSS 5.5 | EPSS 0.00017
Exploits: 0 | References: 2

NVD
added 2026/05/01 3:16 p.m. | 3 views

CVE-2026-31756

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop. dwc2_gadget_exit_clock_gating internally calls the call_gadget macro, which expects hsotg->lock to be held since it does spin_unlock/spin_lock around the gadget driver...

CVSS 5.5 | EPSS 0.00014
Exploits: 0 | References: 7