CVE-2026-23082

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...

CVE-2026-23091

In the Linux kernel, the following vulnerability has been resolved: intelth: fix device leak on output open Make sure to drop the reference taken when looking up the th device during output device open on errors and on close. Note that a recent commit fixed the leak in a couple of open error path...

UBUNTU-CVE-2026-23103

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrslock be per port Make the addrslock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. ...

CVE-2026-23103

Technical details about CVE-2026-23103 are not provided in the supplied documents. The description mentions making addrs_lock per port and related fixes, but lacks explicit affected products, versions, or remediation steps. Monitor for updates.

CVE-2026-23091 intel_th: fix device leak on output open()

In the Linux kernel, the following vulnerability has been resolved: intelth: fix device leak on output open Make sure to drop the reference taken when looking up the th device during output device open on errors and on close. Note that a recent commit fixed the leak in a couple of open error path...

SUSE CVE-2026-23031

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...

AZL-76466 CVE-2025-63653 affecting package fluent-bit 3.0.6-6

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63653

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63653

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63653

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63653

Affects mk_server/mk_vhost.c, function mk_vhost_fdt_close, in monkey commit f37e984. This out-of-bounds read can be triggered by a crafted HTTP request to cause a Denial of Service. Public documents do not provide a confirmed fixed version or patch details; exploitation status is not described be...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from an out-of-bounds read in the mkvhostfdtclose function, potentially leading to a denial-of-service attack...

PT-2026-5340

Name of the Vulnerable Software and Affected Versions monkey commit f37e984 Description An out-of-bounds read exists in the mk vhost fdt close function located in mk server/mk vhost.c. This issue allows attackers to cause a Denial of Service DoS by sending a crafted HTTP request to the server...

EUVD-2025-206526

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63653

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop via the NoCloseOutputStream process. An attacker can cause the application to enter an infinite loop and exhaust system resources by sending specially crafted input to the affected stream writer. Remediation A fix was push...

CVE-2026-24802

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in briandilley jsonrpc4j src/main/java/com/googlecode/jsonrpc4j modules. This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0...

CVE-2026-24802

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in briandilley jsonrpc4j src/main/java/com/googlecode/jsonrpc4j modules. This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0...

CVE-2026-24802

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in briandilley jsonrpc4j src/main/java/com/googlecode/jsonrpc4j modules. This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0...

CVE-2026-24802 Buffer Overflow Vulnerability in briandilley/jsonrpc4j

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in briandilley jsonrpc4j src/main/java/com/googlecode/jsonrpc4j modules. This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0...