GO-2026-4899 Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted in github.com/bishopfox/sliver

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...

PT-2026-29943

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...

GHSA-C279-989M-238F Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted

Summary A nil pointer dereference in tunnelCloseHandler causes the handler goroutine to panic whenever a reverse tunnel rportfwd close is attempted. Both the legitimate close path AND the unauthorized close path dereference tunnel.SessionID where tunnel is guaranteed nil. This means rportfwd...

Replay Attack

Overview mppx is a /picture Affected versions of this package are vulnerable to Replay Attack in the tempo/session cooperative close handler due to improper validation of the close voucher amount. An attacker can bypass intended restrictions by submitting a close voucher with an amount exactly...

CVE-2026-28555

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforocloseajax handler. Attackers submit a valid nonce with an arbitrary topic ID to bypass the moderator permission requirement and disrupt forum...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992252 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer...