73 matches found

Vulnrichment
added 2026/05/13 8:28 a.m. | 2 views

CVE-2026-6429 netrc credential leak with reused proxy connection

When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...

AI score: 5.8 | EPSS: 0.00021
Exploits: 1 | References: 3

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed the connection leak issue. There is a potential leak issue under the following execution sequence: smcrelease, smcconnectwork if sk-skstate == SMCINIT sendclcconfirim tcpabort; ... sk-skstate = SMCACTIVE...

CVSS: 5.5 | AI score: 6.3 | EPSS: 0.00033
Exploits: 0 | References: 2

Debian CVE
added 2026/05/01 1:56 p.m. | 3 views

CVE-2026-31711

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix activenumconn leak on transport allocation failure Commit 77ffbcac4e56 "smb: server: fix leak of activenumconn in ksmbdtcpnewconnection" addressed the kthreadrun failure path. The earlier alloctransport == NULL...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00383
Exploits: 0

Tenable Nessus
added 2026/04/21 12:0 a.m. | 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011288 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb...

AI score: 5.6 | EPSS: 0.00029
Exploits: 0 | References: 4

RedHat Linux
added 2026/02/05 2:53 p.m. | 3 views

hibernate-reactive-core: Hibernate Reactive: Denial of Service due to connection leak on HTTP client disconnect

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. This action may lead to leaking connections from the database connection pool, potentially causing a Denial of Service (DoS) by...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00026
Exploits: 0 | References: 4

ATTACKERKB
added 2026/01/26 7:36 p.m. | 4 views

CVE-2025-14969

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. This action may lead to leaking connections from the database connection pool, potentially causing a Denial of Service (DoS) by...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00026
Exploits: 0 | References: 4

CVE
added 2026/01/26 7:36 p.m. | 14 views

CVE-2025-14969

CVE-2025-14969 describes a Denial of Service risk in Hibernate Reactive: when an HTTP endpoint performing DB ops is prematurely closed by a remote client, the DB connection pool can leak connections, exhausting resources. The CVSS 3.1 base score is 4.3 (Medium). IBM’s Quarkus bulletins and Red Ha...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00026
Exploits: 0 | References: 3

Vulnrichment
added 2026/01/26 7:36 p.m. | 3 views

CVE-2025-14969 Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. This action may lead to leaking connections from the database connection pool, potentially causing a Denial of Service (DoS) by...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00026
Exploits: 0 | References: 3

Cvelist
added 2026/01/26 7:36 p.m. | 19 views

CVE-2025-14969 Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. This action may lead to leaking connections from the database connection pool, potentially causing a Denial of Service (DoS) by...

CVSS: 4.3 | EPSS: 0.00026
Exploits: 0 | References: 3

OSV
added 2026/01/08 8:27 p.m. | 2 views

GHSA-MP55-G7PJ-RVM2 NiceGUI has Redis connection leak via tab storage causes service degradation

Summary: An unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are never released, leading to service degradation when Redis hits its connection limit. NiceGUI continues accepting...

CVSS: 5.3 | AI score: 6.9 | EPSS: 0.00029
Exploits: 1 | References: 5

Github Security Blog
added 2026/01/08 8:27 p.m. | 4 views

NiceGUI has Redis connection leak via tab storage causes service degradation

Summary: An unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are never released, leading to service degradation when Redis hits its connection limit. NiceGUI continues accepting...

CVSS: 5.3 | AI score: 7 | EPSS: 0.00029
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2026/01/08 9:50 a.m. | 25 views

CVE-2026-21874 NiceGUI has Redis connection leak via tab storage causes service degradation

NiceGUI is a Python-based UI framework. From versions v2.10.0 to 3.4.1, an unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are never released, leading to service degradation wh...

CVSS: 5.3 | EPSS: 0.00029
Exploits: 1 | References: 3

EUVD
added 2026/01/08 9:50 a.m. | 3 views

EUVD-2026-1474

NiceGUI is a Python-based UI framework. From versions v2.10.0 to 3.4.1, an unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are never released, leading to service degradation wh...

CVSS: 5.3 | AI score: 6.3 | EPSS: 0.00029
Exploits: 1 | References: 5

SUSE CVE
added 2025/12/31 12:27 a.m. | 1 views

SUSE CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

CVSS: 4.7 | AI score: 6.5 | EPSS: 0.00029
Exploits: 0 | References: 8

EUVD
added 2025/12/30 3:30 p.m. | 1 views

EUVD-2023-60381

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

AI score: 6 | EPSS: 0.00029
Exploits: 0 | References: 8

NVD
added 2025/12/30 1:16 p.m. | 2 views

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

EPSS: 0.00029
Exploits: 0 | References: 7

Positive Technologies
added 2025/12/30 12:0 a.m. | 1 views

PT-2025-54089

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's CIFS implementation where a Server Message Block (SMB) direct connection's information could be leaked if memory allocation (MR allocate) failed...

CVSS: 7.8 | AI score: 7 | EPSS: 0.00249
Exploits: 2 | References: 899

EUVD
added 2025/12/16 3:30 p.m. | 2 views

EUVD-2025-203650

In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...

AI score: 6.2 | EPSS: 0.00043
Exploits: 0 | References: 6

Tenable Nessus
added 2025/11/05 12:0 a.m. | 1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988857)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988857 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence :...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00033
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-12556

Malware in sbrugna...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.0031
Exploits: 0 | References: 7