EUVD-2026-24583

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

CVE-2026-41146

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

PT-2026-34350

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid use of half-online-committed context One major usage of damon call is online DAMON parameters update. It is done by calling damon commit ctx inside the damon call callback function. damon commit ctx can fail...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013391 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...

PT-2026-34259

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

PT-2026-34258

CVE-2026-41664 Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prio… https://t.co/2SA7cFRHKO...

PT-2026-34255

CVE-2026-40448 Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected v… https://t.co/x8HxY9Raln...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013719 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client shou...

PT-2026-34364

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix param ctx leak on damon sysfs new test ctx failure Patch series "mm/damon/sysfs: fix memory leak and NULL dereference issues", v4. DAMON SYSFS can leak memory under allocation failure, and do NULL pointer...

PT-2026-34393

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation Starting with commit 17ce8a6907f7 "drm/amd/display: Add dsc pre-validation in atomic check", amdgpu resets the CRTC state mode changed flag to false when...

EUVD-2026-24574

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...

CVE-2026-41133

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...

CVE-2026-41133 pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...

CVE-2026-41058

WWBN AVideo is an open source video platform. In versions 29.0 and below, the incomplete fix for AVideo's CloneSite deleteDump parameter does not apply path traversal filtering, allowing unlink of arbitrary files via ../../ sequences in the GET parameter. Commit...

CVE-2026-41064

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

CVE-2026-41064 AVideo has an incomplete fix for CVE-2026-33502 (Command Injection)

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

CVE-2026-41064

WWBN AVideo’s CVE-2026-33502 family is about an incomplete fix in plugin/Live/test.php. Affected versions (reported up to 29.0 in the CVE note, with related docs citing patch activity around commit 1e6cf03e93b5a5318204b010ea28440b0d9a5ab3) show that the wget path in test.php uses unsanitized user...

EUVD-2026-24561

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

EUVD-2026-24543

WWBN AVideo is an open source video platform. In versions 29.0 and below, the incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization...

CVE-2026-41063

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization...