UBUNTU-CVE-2026-25063

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

CVE-2026-25063

CVE-2026-25063 affects the gradle-completion project (Bash and Zsh completion for Gradle). The issue is a command injection in the Bash completion logic up to and including version 9.3.0, where Gradle task names or descriptions containing backticks can be evaluated as shell commands during Bash t...

CVE-2026-25063 gradle-completion has a Bash command injection issue

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

CVE-2026-25063

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

CVE-2026-25063

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

EUVD-2026-4943

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

CVE-2026-25063 gradle-completion has a Bash command injection issue

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

CVE-2026-25063 gradle-completion has a Bash command injection issue

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

gradle-completion security vulnerability

Gradle-completion is a autocompletion tool developed by Gradle as open source. Versions of Gradle-completion 9.3.0 and earlier have security vulnerabilities. These vulnerabilities stem from insufficient cleanup of Gradle task names and descriptions, which may lead to command injection and arbitra...

PT-2026-5364

Name of the Vulnerable Software and Affected Versions gradle-completion versions prior to 9.3.1 Description gradle-completion offers Bash and Zsh completion support for Gradle. A command injection issue exists in versions up to and including 9.3.0, potentially leading to arbitrary code execution...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005062 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005156)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005156 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by...

CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2025-71149

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...

CVE-2025-71149

CVE-2025-71149 is reported in multiple advisories as a Linux kernel io_uring/poll issue. The root cause is incorrect handling of the return value from io_poll_add() during updates, which can affect completion/event signaling (CQEs) for POLL_ADD/POLL_REMOVE scenarios. Affected advisories reference...

CVE-2025-71149

...

CVE-2025-71149

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71149 io_uring/poll: correctly handle io_poll_add() return value on update

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004848)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004848 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211scanrx ieee80211scanrx tries to access scanreq-flags after a...

Linux Distros Unpatched Vulnerability : CVE-2025-71149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was...