Lucene search

13 matches found

RedhatCVE
added 2026/04/22 8:3 p.m. | 1 view

CVE-2026-31513

A flaw was found in the Linux kernel's Bluetooth L2CAP (Logical Link Control and Adaptation Protocol) component. A remote attacker can send a specially crafted Enhanced Credit Based Connection Request with an excessive number of Source Channel IDs (SCIDs). This can cause a stack-out-of-bounds read wh...

CVSS 8.1 | AI score 5.5 | EPSS 0.00022
Exploits 0 | References 4

Cvelist
added 2026/04/22 1:54 p.m. | 25 views

CVE-2026-31513 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req. Syzbot reported a KASAN stack-out-of-bounds read in l2cap_build_cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...

CVSS 8.1 | EPSS 0.00022
Exploits 0 | References 4

Tenable Nessus
added 2025/10/07 12:0 a.m. | 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987214)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987214 advisory. In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID...

CVSS 7.8 | AI score 5.5 | EPSS 0.00097
Exploits 0 | References 4

Veracode
added 2024/07/04 11:10 a.m. | 10 views

Information Disclosure

github.com/mattermost/mattermost-server is vulnerable to Information Disclosure. The vulnerability is due to a failure to properly sanitize the recipients of a webhook event, allowing attackers monitoring webhook events to retrieve the channel IDs of archived or restored channels...

CVSS 5.3 | AI score 7 | EPSS 0.00444
Exploits 0 | References 4 | Affected Software 1

OSV
added 2024/07/03 9:15 a.m. | 8 views

CVE-2024-39807

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels...

CVSS 5.3 | AI score 6.8
Exploits 0 | References 1

NVD
added 2024/07/03 9:15 a.m. | 12 views

CVE-2024-39807

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels...

CVSS 5.3 | EPSS 0.00444
Exploits 0 | References 1

Cvelist
added 2024/07/03 8:31 a.m. | 17 views

CVE-2024-39807 Channel IDs of archived/restored channels leaked via webhook events

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels...

CVSS 3.1 | EPSS 0.00444
Exploits 0 | References 1

Veracode
added 2023/12/07 12:19 p.m. | 12 views

Information Disclosure

Mattermost is vulnerable to Information Disclosure. The vulnerability is due to the exposure of channel IDs in the metrics endpoint response. This could allow an attacker to expose sensitive information that they are not explicitly authorized to have access to...

CVSS 5.3 | AI score 6.3 | EPSS 0.00492
Exploits 0 | References 4 | Affected Software 1

Vulnrichment
added 2023/12/06 8:11 a.m. | 9 views

CVE-2023-6459 Public endpoint /metrics of Calls plugin reveals channel IDs

Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...

CVSS 5.3 | AI score 6.7 | EPSS 0.00492
Exploits 0 | References 1

Prion
added 2023/01/02 8:15 p.m. | 10 views

Input validation

kenny2automate is a Discord bot. In the web interface for server settings, form elements were generated with Discord channel IDs as part of input names. Prior to commit a947d7c, no validation was performed to ensure that the channel IDs submitted actually belonged to the server being configured...

CVSS 4 | AI score 6.5 | EPSS 0.0021
Exploits 0 | References 2 | Affected Software 1

RedHat Linux
added 2019/07/29 3:22 p.m. | 3 views

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

CVSS 8 | AI score 7 | EPSS 0.00048
Exploits 0 | References 4

Ubuntu
added 2017/10/26 5:9 p.m. | 60 views

USN-3465-1: Irssi vulnerabilities

Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. CVE-2017-10965 Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A...

CVSS 9.8 | AI score 6.8 | EPSS 0.01062
Exploits 0

OSV
added 2017/10/26 5:9 p.m. | 1 view

USN-3465-1 irssi vulnerabilities

Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. CVE-2017-10965 Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A...

CVSS 9.8 | AI score 6.8 | EPSS 0.01062
Exploits 0 | References 8