Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of a CAPNETADMIN capability check for the peer network namespace in the rtnlnewlink...

Linux Distros Unpatched Vulnerability : CVE-2026-31692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rtnetlink: add missing netlinknscapable check for peer netns rtnlnewlink lacks a CAPNETADMIN capability check on the peer network namespace when creating paired...

PT-2026-36087

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The rtnl newlink function lacks a CAP NET ADMIN capability check on the peer network namespace during the creation of paired devices such as veth, vxcan, and netkit. This allows an...

CVE-2026-31692

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlinknscapable check for peer netns rtnlnewlink lacks a CAPNETADMIN capability check on the peer network namespace when creating paired devices veth, vxcan, netkit. This allows an unprivileged user with a...

Jailbroken Frontier Models Retain Their Capabilities

As language model safeguards become more robust, attackers are pushed toward developing increasingly complex jailbreaks. Prior work has found that this complexity imposes a "jailbreak tax" that degrades the target model's task performance. We show that this tax scales inversely with model...

CVE-2026-5712

This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...

Malicious code in @cap-js/db-service (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

PT-2026-35962

Name of the Vulnerable Software and Affected Versions IdentityIQ affected versions not specified Description An authenticated identity acting as the requestor or assignee of a work item can edit a role definition without possessing the required capability for role editing. Recommendations At the...

SUSE CVE-2026-31570

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgwcsumcrc8rel cgwcsumcrc8rel correctly computes bounds-safe indices via calcidx: int from = calcidxcrc8-fromidx, cf-len; int to = calcidxcrc8-toidx, cf-len; int res = calcidxcrc8-resultidx, cf-len...

WordPress plugin ExactMetrics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress plugin BetterDocs 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

The Security Cost of Intelligence: AI Capability, Cyber Risk, and Deployment Paradox

Firms are deploying more capable AI systems, but organizational controls often have not kept pace. These systems can generate greater productivity gains, but high-value uses require broader authority exposure -- data access, workflow integration, and delegated authority -- when governance control...

openSUSE 16 Security Update : libcap (openSUSE-SU-2026:20613-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20613-1 advisory. - CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in capsetfile bsc1261809. Tenable has extract...

SUSE CVE-2026-31440

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...

PT-2026-34649

The ExactMetrics – Google Analytics Dashboard for WordPress Website Stats Plugin plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation in all versions up to, and including, 9.1.2. This is due to the reports page exposing the 'onboarding key' transient to...

CLSA-2026-1776877737 squid: Fix of CVE-2021-28116

CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...

EUVD-2026-24768

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...

CVE-2026-31440

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...

SUSE-SU-2026:21274-1 Security update for libcap

This update for libcap fixes the following issues: - CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in capsetfile bsc1261809...

CVE-2026-1930

The Emailchef plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pageoptionsajaxdisconnect function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers, with Subscriber-level access and above...