19038 matches found
CVE-2026-23080
In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak". In mcba_usb_probe() -> mcba_usb_start(), the URBs for USB-in transfe...
CVE-2026-23068
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spi_alloc_host() to allocate the controller but registers it using devm_spi_register_controller(). If devm_register_restart_handler() fails, the code jumps to the...
CVE-2026-23061 can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak
In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak". In kvaser_usb_set_{,data_}bittiming() -> kvaser_usb_setup_rx_urbs(), t...
EUVD-2025-206806
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapter() fails, put_device() is the correct way to drop the device reference. kfree() is not required. Add kfree() if idr_alloc() fails and in ac97_adapter_release() to do the...
CVE-2025-71192 ALSA: ac97: fix a double free in snd_ac97_controller_register()
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapter() fails, put_device() is the correct way to drop the device reference. kfree() is not required. Add kfree() if idr_alloc() fails and in ac97_adapter_release() to do the...
CVE-2026-25134
Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5, the MaintenanceController exposes an action zipLanguage which takes a lang parameter and passes it directly to a system zip command via exec. This can be combined with uploadi...
ingress-nginx's `rules.http.paths.path` Ingress field can be used to inject configuration into nginx
A security issue was discovered in ingress-nginx. The rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note that in...
ingress-nginx's `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx
A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to t...
ingress-nginx has Improper Check for Unusual or Exceptional Conditions
A security issue was discovered in ingress-nginx where the protection afforded by the auth-url Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors...
GHSA-JX8C-56MG-H6VP ingress-nginx's `rules.http.paths.path` Ingress field can be used to inject configuration into nginx
A security issue was discovered in ingress-nginx. The rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note that in...
ingress-nginx vulnerable to Allocation of Resources Without Limits or Throttling
A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...
GHSA-2PF9-VR92-6H3V ingress-nginx vulnerable to Allocation of Resources Without Limits or Throttling
A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...
GHSA-9H3P-52VH-959W ingress-nginx's `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx
A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to t...
PT-2026-6445
A security issue was discovered in ingress-nginx. The rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note that in...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper anchoring of the USB CAN driver in URB, potentially leading to memory leaks...
PT-2026-5812
Name of the Vulnerable Software and Affected Versions Alps Pointing-device Controller version 8.1202.1711.04 Description The Alps Pointing-device Controller version 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService. This allows local attackers to execute co...
Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
Exploit Title: Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE Date: 2025-10-07 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://kubernetes.io Software Link: https://github.com/kubernetes/ingress-nginx Version: Affects v1.10.0 to v1.11.1 potentially others Tested o...
Ingress-NGINX Controller < 1.13.7 / 1.14.x < 1.14.3 Multiple Vulnerabilities
The version of Ingress-NGINX controller installed on the remote host is prior to 1.13.7 or 1.14.3. It is, therefore, affected by multiple vulnerabilities: - A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject...
CVE-2026-24514
A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...