OSV-2026-507 Security exception in org.apache.lucene.util.ArrayUtil.copyOfSubArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498705946 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.copyOfSubArray org.apache.lucene.util.BytesRef.deepCopyOf org.apache.lucene.index.Term...

PT-2026-30148

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDP DROP for non-zero-copy mode Page recycling was removed from the XDP DROP path in emac run xdp to avoid conflicts with AF XDP zero-copy mode, which uses xsk buff free instead. However,...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from cleaning up subobjects before the RCU grace period, potentially leading to null pointer dereferencing...

Security Bulletin: IBM Copy Services Manager may be affected by multiple vulnerabilities due to IBM SDK Quarterly CPU - Jan 2026

Summary Multiple Vulnerabilities were disclosed as part of the JAVA SE January 2026 Patch Update. Although likelihood of these issues being exploited is very low, IBM Copy Services Manager frequently updates product stack to ensure the utmost security is maintained. Vulnerability Details Refer to...

EUVD-2026-18398

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

DEBIAN-CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

Improper Preservation of Permissions

Overview Affected versions of this package are vulnerable to Improper Preservation of Permissions in the scp when the legacy protocol option -O is used by a root user without preserving original file permissions -p. An attacker can gain elevated privileges by supplying a malicious file that, when...

CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

UBUNTU-CVE-2026-23415

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futexkeytonodeopt and vmareplacepolicy During futexkeytonodeopt execution, vma-vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy which frees the old mempoli...

CVE-2026-23415

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futexkeytonodeopt and vmareplacepolicy During futexkeytonodeopt execution, vma-vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy which frees the old mempoli...

CVE-2026-23415 futex: Fix UaF between futex_key_to_node_opt() and vma_replace_policy()

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futexkeytonodeopt and vmareplacepolicy During futexkeytonodeopt execution, vma-vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy which frees the old mempoli...

CVE-2026-23415

The CVE-2026-23415 issue affects the Linux kernel futex subsystem. A race occurs between futex_key_to_node_opt() reading vma->vm_policy under speculative mmap lock/RCU and mbind() calling vma_replace_policy(), which can free the old mempolicy via kmem_cache_free(). This leads to a use-after-fr...

PT-2026-29719

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlink hooks: BUG: KASAN: slab-use-after-free in nfnl hook dump one.isra.0+0xe71/0x10f0...

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source tools developed by OpenBSD in Canada for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection hijacking,...

PT-2026-29722

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futex key to node opt and vma replace policy During futex key to node opt execution, vma-vm policy is read under speculative mmap lock and RCU. Concurrently, mbind may call vma replace policy which frees th...

PT-2026-29805

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.3 Description When using the -O option with the legacy scp protocol as root without the -p option, a downloaded file may be installed with setuid or setgid permissions, which may not align with user expectations...

copy-text (>=2.0.1 <=2.1.2), cypherquery (>=1.1.8 <=1.1.13) +1 more potentially affected by CVE-2026-4800 via lodash.template (>=4.0.0 <=4.0.2)

lodash.template NPM version =4.0.0, =2.0.1, =1.1.8, =2.0.7, =2.0.13 Source cves: CVE-2026-4800 Source advisory: OSV:GHSA-R5FR-RJXR-66JC...

Astra Linux – Vulnerability in Firefox

DOM spoofing issue: Copy & Paste and Drag & Drop components. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...