3816 matches found
CVE-2026-53139
CVE-2026-53139 concerns the Linux kernel drm/v3d path where a compute shader dispatch with zeroed workgroup counts (CFG0..CFG2) could be mishandled; the fix ensures the indirect CSD job is not submitted when any dimension is zero, causing the dispatch to complete as a no-op. Connected sources sho...
EUVD-2026-38844
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix error cleanup in xeexecqueuecreateioctl Two error handling issues exist in xeexecqueuecreateioctl: 1. When xehwenginegroupaddexecqueue fails, the error path jumps to putexecqueue which skips xeexecqueuekill. If the VM...
CVE-2026-52976
The CVE-2026-52976 issue affects the Linux kernel drm/xe driver. Two error-handling paths in xe_exec_queue_create_ioctl() can lead to memory corruption: (1) on xe_hw_engine_group_add_exec_queue() failure, the cleanup jumps to cleanup without xe_exec_queue_kill(), potentially leaving a queue in th...
CVE-2026-49269
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...
CVE-2026-57295
CVE-2026-57295 describes a CSRF vulnerability in Jenkins EC2 Fleet Plugin (versions up to 4.2.3.539.v8fedff2a_81c3 and earlier). The issue lets an attacker cause Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained by another method, potentially captur...
PT-2026-51936
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fwctl component where incorrect class initialization ordering can lead to a NULL pointer dereference during device removal. Because CXL is linked before fwctl in t...
PT-2026-51825
Name of the Vulnerable Software and Affected Versions Apple M1 GPUs affected versions not specified Description Apple M1 GPUs retain register file data between compute shader dispatches from different processes. This allows a sandboxed Metal attacker application to execute a GPU reader shader to...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fixed null pointer dereferencing. The function computeinterceptslope is called from calibrate8960 in tsens-8960.c. This call involves a parameter of type priv, p1, NULL, ONEPTCALIB, which leads to a null...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/port: Fixed the issue where parentport was used after freeing it in cxldetachep. The cxldetachep function is called during the bottom-up removal process when all CXL memory devices beneath a switch port have been removed...
Astra Linux – Vulnerability in fig2dev
A issue was discovered in fig2dev prior to 3.2.8. A NULL pointer dereferencing exists in the function computeclosedspline located in transspline.c. This allows an attacker to cause a Denial of Service attack. The fixed version of fig2dev is 3.2.8...
SUSE-SU-2026:22137-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug cause...
Assessing Automated Prompt Injection Attacks in Agentic Environments
Indirect prompt injection poses a critical threat to LLM agents that interact with untrusted external data, yet automated attack methods--proven effective for jailbreaking--remain underexplored in realistic agentic settings. We present a comprehensive empirical evaluation of automated prompt...
CVE-2026-22164 GPU DDK - Kernel heap OOB write in DevmemIntComputeVirtualIndicesFromLogical
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory. By creating resources of certain types and presenting a set of parameters to the affected interface the exploit can be used to corrupt kernel memory...
OSV-2026-889 Use-of-uninitialized-value in vp8_compute_skin_block
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520701729 Crash type: Use-of-uninitialized-value Crash state: vp8computeskinblock encodeframetodatarate vp8getcompresseddata...
CVE-2026-40213
OpenStack Cyborg before 16.0.1 uses rule:allow checkstr='@' as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complet...
CVE-2026-11330
The vulnerability CVE-2026-11330 affects thedotmack claude-mem up to 11.0.1, specifically the computeObservationContentHash function in src/services/sqlite/observations/store.ts of the Observation Content Hash Handler. The issue enables the use of a weak hash due to this component manipulation. T...
PT-2026-46947
A weakness has been identified in thedotmack claude-mem up to 11.0.1. The affected element is the function computeObservationContentHash of the file src/services/sqlite/observations/store.ts of the component Observation Content Hash Handler. This manipulation causes use of weak hash. The attack c...
Improper Resource Shutdown or Release
Overview dask is a Parallel PyData with Task Scheduling Affected versions of this package are vulnerable to Improper Resource Shutdown or Release through the computehllarray function in the HLL Handler component. An attacker can cause excessive resource consumption by remotely invoking this...
CVE-2025-59614 Out-of-bounds Write in Windows Compute
Memory Corruption when sending random number generator command with insufficient output buffer size...
CVE-2025-59614 Out-of-bounds Write in Windows Compute
Memory Corruption when sending random number generator command with insufficient output buffer size...