Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013578)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013578 advisory. In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clonedtr Dmclone also has the same UAF problem when dmresume and dmdestroy a...

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from the use of MessageCodec::readrequest and readresponse in the nimiq-libp2p library, which called readtoend on the inbound...

PT-2026-34355

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system where the ext4 inode attach jinode function publishes ei-jinode to concurrent users before jbd2 journal init jbd inode is completed. This allows a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013589 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dmintegritydtr Dmintegrity also has the same UAF problem when dmresume a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011256)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011256 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011116)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011116 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dmintegritydtr Dmintegrity also has the same UAF problem when dmresume a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013089 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when...

mirai-exploit

Vulnerability Details CVE ID: CVE-2026-22812 Affe...

EUVD-2026-22915

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...

GHSA-MH4X-RMRX-3HP4 Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007483 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutexlock check in hfsplusfreeextents Syzbot reported an issue in hfsplus...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007617 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007391 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to...

CVE-2026-3590

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...

Denial Of Service (DoS)

Axios is vulnerable to Denial Of Service DoS. The vulnerability is due to a state corruption bug in HTTP/2 session cleanup logic, which allows a malicious server to trigger concurrent session closures and crash the client process...

CVE-2026-3590 Race Condition in Guest Magic Link Authentication Allows Token Reuse

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...

CVE-2026-3590

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...

PT-2026-33054

Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.0 through 10.11.12 Mattermost version 11.5.0 Mattermost versions 11.4.0 through 11.4.2 Mattermost versions 11.3.0 through 11.3.2 Description Failure to enforce atomic single-use consumption of guest magic link tokens...

EUVD-2026-22535

Concurrent execution using shared resource with improper synchronization 'race condition' in Function Discovery Service fdwsd.dll allows an authorized attacker to elevate privileges locally...

EUVD-2026-22514

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...