1858 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : libcap vulnerability (USN-8193-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8193-1 advisory. Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could possibly use this issue to inject or strip...
PT-2026-34490
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...
USN-8193-1 libcap2 vulnerability
Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could possibly use this issue to inject or strip capabilities into arbitrary executables and escalate privileges...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007055)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007055 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011187)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011187 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecap...
EUVD-2024-55545
The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input parameters, which are then executed by the victim's browser. Successful exploitation can enable an...
CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
EUVD-2026-23007
IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capability or any custom capability with the ViewAccessDebugPage SPRight to incorrectly create new...
CVE-2026-20205
Summary: CVE-2026-20205 affects Splunk MCP Server app versions below 1.0.3. A user with access to the Splunk _internal index** or with the high-privilege capability mcp_tool_admin can view users’ sessions and authorization tokens in clear text. The vulnerability requires either local access to lo...
[SECURITY] Fedora 43 Update: libcap-2.76-4.fc43
libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities...
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Unknown threat actors compromised CPUID "cpuid.com", a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident...
Beyond Static Sandboxing: Learned Capability Governance for Autonomous AI Agents
Autonomous AI agents built on open-source runtimes such as OpenClaw expose every available tool to every session by default, regardless of the task. A summarization task receives the same shell execution, subagent spawning, and credential access capabilities as a code deployment task, a 15x...
Personal AI Infrastructure 4.0.3
PAI is a Personalized AI Platform designed to magnify your capabilities. It's designed for humans most of all, but can be used by teams, companies, or Federations of Planets desiring to be better versions of themselves. The goal of the project is to get people working with AI and lower the bar...
openSUSE 16 Security Update : mapserver (openSUSE-SU-2026:20476-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20476-1 advisory. Changes in mapserver: - Update to release 8.6.1 msSLDParseRasterSymbolizer: fix potential heap buffer overflow boo1260869 CVE-2026-33721 GetFeatureInfo...
ALPINE-CVE-2026-4878
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...
EUVD-2026-20910
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...
CVE-2026-4878 Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...
CVE-2026-4878
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...
CVE-2026-30080
OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuration has supported integrity NIA1 and NIA2. But if an UE sends initial registration request with only security capability IA0, OpenAirInterface accepts and proceeds. This downgrade security context c...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006762)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006762 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be...