EUVD-2026-27807

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

Linux Distros Unpatched Vulnerability : CVE-2026-43244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...

CVE-2026-4048 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process...

EUVD-2026-10804

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...

CVE-2026-26311

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...

PT-2026-24380

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.34.13 Envoy versions 1.35.0 through 1.35.7 Envoy versions 1.36.0 through 1.36.4 Envoy versions 1.37.0 Description Envoy is a high-performance edge/middle/service proxy. A logic issue exists in Envoy’s HTTP connection...

Envoy 资源管理错误漏洞

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. Versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contain a resource management vulnerability. This vulnerability stems from logical flaws in the HTTP connection manager, which may lead to...

CVE-2026-21525

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild. Zero-day 1 this month is CVE-2026-21510, a security feature...

CVE-2026-21525

CVE-2026-21525 is a Windows Remote Access Connection Manager (RasMan) Denial of Service vulnerability caused by a NULL pointer dereference. An unauthenticated, locally-initiated attacker can trigger a crash of RasMan, impacting availability. Connected sources confirm this as a local DoS issue, wi...

Windows Remote Access Connection Manager Denial of Service Vulnerability

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...

Microsoft Windows Remote Access Connection Manager 安全漏洞

Microsoft Windows Remote Access Connection Manager is a Windows service provided by Microsoft that manages VPN connections from your computer to the Internet. If this service is disabled, VPN client applications will not be able to start. There are security vulnerabilities in Microsoft Windows...

VulnCheck KEV: CVE-2026-21525

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...

Microsoft Windows NULL Pointer Dereference Vulnerability

Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally...

PT-2026-7407

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to February 10, 2026 Description A null pointer dereference exists in the Windows Remote Access Connection Manager RasMan. This issue allows a local attacker to cause a denial-of-service by repeatedly crashing...

ROS-20260126-73-0052

A vulnerability in the RDMA/cma component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

RDMA/cm: Fix leaking the multicast GID table reference

...

CVE-2025-71084

In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancelworksync will prevent the work from running which also prevents destroying the...

SUSE CVE-2025-71084

In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancelworksync will prevent the work from running which also prevents destroying the...