CVE-2026-46279 mm/alloc_tag: clear codetag for pages allocated before page_ext initialization

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

CVE-2026-8976 RSS Aggregator by Feedzy <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure via Multiple AJAX Sub-Actions

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action...

CVE-2026-8976

The CVE-2026-8976 entry concerns the WordPress plugin RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator . It states a vulnerability in all versions up to and including 5.1.7: an authorization bypass where the plugin does not properly verify a user’s perm...

WordPress RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure vulnerability

Missing Authorization to Authenticated Contributor+ Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Feedzy versions = 5.1.7...

CVE-2026-46229

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...

PT-2026-44314

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An out-of-bounds font access occurs in the fbcon rotate font function when console rotation fails. The system retains the ol...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clearing all LMTT pages upon allocation Our LMEM buffer objects are not cleared by default upon allocation. During VF provisioning, we only set up LMTT PTEs for the actually provisioned LMEM range. However, beyond that...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86: Fixed NULL pointer access and potential loss of PEBS records When the function intelpmudrainpebsicl is called to drain PEBS records, the function perfeventoverflow may be called to process the last PEBS record. Durin...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix for the condition effect bit clearing issue As reported by MPDarkGuy on Discord, NULL pointer dereferencing occurred because not all conditional effect bits were cleared. Properly clear all conditional effect bits...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86: fixed the exception handling annotation in clearuserrepgood This code no longer exists in the mainline, as it was removed in the commit d2c95f9d6802 “x86: do not use REPGOOD or ERMS for user memory clearing”. However, instea...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Allocate memory before using it. KMSAN reports: Multiple uninitialized values were detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper f...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nbd: The issue of task hanging when the nbdstartdeviceioctl signal interrupt occurs has been fixed. The syzbot reported that the task could get hung. The following program is a simplified version of the original reproducer...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fsnotify: The flag PARENTWATCHED is cleared lazily. In some setups, directories can have many usually negative entries. As a result, the function fsnotifyupdatechilddentryflags can take a significant amount of time. Since most of...

SUSE CVE-2026-43388

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...

BIT-PYTHON-MIN-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

BIT-PYTHON-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

SUSE CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

DEBIAN-CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...