CVE-2026-41218

When BIG-IP PEM iRules are configured on a virtual server iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End ...

Astra Linux - уязвимость в linux-5.10, linux

In the net/sched/schcbq.c file of the Linux kernel, from version 6.1.4 onwards, cbqclassify allows attackers to cause a denial of service due to type confusion. Non-negative numbers can sometimes indicate a TCACTSHOT condition, rather than valid classification results, leading to improper...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Added bpfprogrundatapointers It was discovered that clsbpfclassify can modify tcskbcbskb-dropreason, triggering a warning in skskbreasonDrop. WARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192;...

offsec-skills

offsec-exploit-research Elite adaptive whitebox exploit resea...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

EUVD-2026-21945

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL pointer dereference on shared blocks The old-method path in fwclassify calls tcfblockq and dereferences q-handle. Shared blocks leave block-q NULL, causing a NULL deref when an empty clsfw filter is...

PT-2026-32350

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter x tables component where xt match and xt target structures registered with NFPROTO UNSPEC can be loaded by any protocol family via nft compat. When these...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

caver (=0.0.1), distilbert-punctuator (>=0.2.0 <=0.3.0) +1 more potentially affected by CVE-2026-30244 via plane (=0.2.1)

plane PYPI version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on plane and may be impacted: - caver =0.0.1 - distilbert-punctuator =0.2.0, =0.0.5, =0.0.8 Source cves: CVE-2026-30244 Source advisory: OSV:GHSA-87X4-J8VH-P5QF...

caver (=0.0.1), distilbert-punctuator (>=0.2.0 <=0.3.0) +1 more potentially affected by CVE-2026-30242 via plane (=0.2.1)

plane PYPI version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on plane and may be impacted: - caver =0.0.1 - distilbert-punctuator =0.2.0, =0.0.5, =0.0.8 Source cves: CVE-2026-30242 Source advisory: OSV:GHSA-FPX8-73GF-7X73...

CVE-2026-23204

CVE-2026-23204 affects the Linux kernel net/sched cls_u32. The root cause is that skb_header_pointer() does not fully validate negative @offset values, enabling a slab-out-of-bounds condition in u32_classify() (reported as BUG: KASAN). The fix replaces skb_header_pointer() with skb_header_pointer...

CurricuLLM: Designing Personalized and Workforce-Aligned Cybersecurity Curricula Using Fine-Tuned LLMs

The cybersecurity landscape is constantly evolving, driven by increased digitalization and new cybersecurity threats. Cybersecurity programs often fail to equip graduates with skills demanded by the workforce, particularly concerning recent developments in cybersecurity, as curriculum design is...

EUVD-2025-203696

In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpfprogrundatapointers syzbot found that clsbpfclassify is able to change tcskbcbskb-dropreason triggering a warning in skskbreasondrop. WARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 skskbreasondrop...

PT-2025-51613

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where cls bpf classify can modify tc skb cbskb-drop reason, leading to a warning within sk skb reason drop. This occurs due to an incorrect interaction...

Cisco Integrated AI Security and Safety Framework Report

Artificial intelligence AI systems are being readily and rapidly adopted, increasingly permeating critical domains: from consumer platforms and enterprise software to networked systems with embedded agents. While this has unlocked potential for human productivity gains, the attack surface has...

Flock Uses Overseas Gig Workers to Build Its Surveillance AI

An accidental leak revealed that Flock, which has cameras in thousands of US communities, is using workers in the Philippines to review and classify footage...

EUVD-2024-45548

Malicious code in bioql PyPI...