457395 matches found
CVE-2026-52945
In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...
CVE-2026-52945
The CVE-2026-52945 entry describes a Linux kernel vulnerability in the WireGuard component where enabling threaded NAPI can cause the decryption path for a WireGuard peer to stall under heavy network load (notably with Cilium), effectively causing a DoS for that peer while other peers remain func...
CVE-2026-52945 Revert "wireguard: device: enable threaded NAPI"
In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...
Deserialization of Untrusted Data
Overview feast is a Python SDK for Feast Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the ApplyFeatureView handler of registryserver.py, which calls FeatureView.fromproto and deserializes the feature view's embedded user-defined function before the appl...
CVE-2026-56121
Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The userdefinedfunction.body field of an OnDemandFeatureView spec is decoded from...
CVE-2026-56111
Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESHBEDLEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single...
Security Bulletin: Unrestricted upload of file with dangerous type, improper certificate validation, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary IBM Storage Defender - Resiliency Service is vulnerable to unrestricted upload of file with dangerous type, improper certificate validation, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-3219 DESCRIPTION: pip handles concatenated tar and ZIP fil...
CVE-2026-13164
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-13164 Unauthenticated self-registration in MailerUp allows access to stored email data
Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...
CVE-2026-13164 Unauthenticated self-registration in MailerUp allows access to stored email data
Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...
CVE-2026-13164
Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix ofiomap memory leak Matching reports: drivers/clk/mediatek/clk-mtk.c:583 mtkclksimpleprobe warning: ‘base’ from ofiomap is not released on lines: 496. This problem was also found in linux-next. In...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: A NULL pointer dereferencing issue was addressed when splitting folio objects. The commit c010d47f107f “mm: thp: splitting huge pages into lower-order pages” introduced a check on the order of the folio objects via...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fixed a situation where a hard lockup occurs in the virtual machine after prolonged inactivity, due to the periodic HV timer. When advancing the expiration of the guest’s APIC timer in periodic mode, set the expiration ...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: netpoll: Fix incorrect refcount handling causing improper cleanup The commit efa95b01da18 “netpoll: fix use after free” incorrectly ignored the refcount and prematurely set dev-npinfo to NULL during netpoll cleanup,...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning appears...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: The issue with the gssauth kref leak in the gssallocmsg error path has been fixed. Commit 5940d1cf9f42 “SUNRPC: Rebalancing the kref in authgss.c” includes a call to krefget&gssauth-kref to balance the gssputauth...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the wait barrier is required before returning a discard request with the REQNOWAIT flag. The raid10handlediscard function should also wait for the barrier before returning a discard bio that has the REQNOWAIT flag...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘wireguard: device: enable threaded NAPI’” This resolution involves commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c, which is a commit from upstream. We received three independent reports from production users who were...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...