RedHat Linux
added 2026/04/01 1:15 a.m., 2 views

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source(). Add RCU protection on struct macvlan_source_entry->vlan. Whenever macvlan_hash_del_source() is called, we must clear the entry->vlan pointer before the RCU grace period starts. This allows...

CVSS 7.8 | AI score 5.9 | EPSS 0.00012
Exploits 0 | References 5
Amazon
added 2026/04/01 12:00 a.m., 7 views

Important: giflib

Issue Overview: Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible. CVE-2026-23868 Affected Packages: giflib Note: This advisory i...

CVSS 5.1 | AI score 5.9 | EPSS 0.00019
Exploits 0
Amazon
added 2026/04/01 12:00 a.m., 5 views

Important: giflib

Issue Overview: Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible. CVE-2026-23868 Affected Packages: giflib Issue Correction: Run...

CVSS 5.1 | AI score 5.8 | EPSS 0.00019
Exploits 0
Redos
added 2026/04/01 12:00 a.m., 2 views

ROS-20260401-73-0039

Vulnerability in mongo-c-driver related to buffer copying without checking input data size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.1 | AI score 6.1 | EPSS 0.0008
Exploits 0
Redos
added 2026/04/01 12:00 a.m., 3 views

ROS-20260401-73-0027

Vulnerability in libpng related to buffer copying without checking input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.5 | AI score 6.1 | EPSS 0.0003
Exploits 1
Redos
added 2026/04/01 12:00 a.m., 3 views

ROS-20260401-73-0032

Vulnerability in libpng15 related to buffer copying without checking input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.5 | AI score 6.3 | EPSS 0.0003
Exploits 1
Redos
added 2026/04/01 12:00 a.m., 3 views

ROS-20260401-73-0030

Vulnerability in libpng related to buffer copying without checking input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.5 | AI score 6.3 | EPSS 0.0003
Exploits 1
Github Security Blog
added 2026/03/31 11:44 p.m., 6 views

File Browser's Signup Grants Execution Permissions When Default Permissions Includes Execution

Summary: The signupHandler in File Browser applies default user permissions via d.settings.Defaults.Apply(user), then strips only Admin (commit a63573b). The Execute permission and Commands list from the default user template are not stripped. When an administrator has enabled signup, server-side...

CVSS 9.8 | AI score 6.7 | EPSS 0.00089
Exploits 1 | References 4 | Affected Software 1
vulnersOsv
added 2026/03/31 11:02 p.m., 4 views

copy-text (>=2.0.1 <=2.1.2), cypherquery (>=1.1.8 <=1.1.13) +1 more potentially affected by CVE-2021-23337 +1 more via lodash.template (>=4.0.0 <=4.0.2)

lodash.template NPM version =4.0.0, =2.0.1, =1.1.8, =2.0.7, =2.0.13 Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JS-LODASHTEMPLATE-15869628...

CVSS 9.8 | AI score 6.8 | EPSS 0.02399
Exploits 2
EUVD
added 2026/03/31 12:31 p.m., 2 views

EUVD-2026-17371

OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage attachment staging flow that allows attackers to execute arbitrary commands on configured remote hosts. The vulnerability exists because unsanitized remote attachment paths containing shell metacharacters...

CVSS 9.8 | AI score 6.4 | EPSS 0.00604
Exploits 0 | References 4
Vulnrichment
added 2026/03/31 11:17 a.m., 0 views

CVE-2026-32917 OpenClaw < 2026.3.13 - Remote Command Injection via Unsanitized iMessage Attachment Paths in SCP

OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage attachment staging flow that allows attackers to execute arbitrary commands on configured remote hosts. The vulnerability exists because unsanitized remote attachment paths containing shell metacharacters...

CVSS 9.8 | AI score 6.4 | EPSS 0.00604
Exploits 0 | References 3
CVE
added 2026/03/31 11:17 a.m., 7 views

CVE-2026-32917

OpenClaw prior to 2026.3.13 is affected by a remote command injection vulnerability in the iMessage attachment staging flow. The issue arises because unsanitized remote attachment paths containing shell metacharacters are passed directly to the SCP remote operand without validation, allowing arbi...

CVSS 9.8 | AI score 6.4 | EPSS 0.00604
Exploits 0 | References 3 | Affected Software 1
Microsoft CVE
added 2026/03/31 8:01 a.m., 1 views

Libssh: improper sanitation of paths received from scp servers

...

CVSS 6.3 | AI score 5.8 | EPSS 0.00011
Exploits 8
CNNVD
added 2026/03/31 12:00 a.m., 2 views

CMS Made Simple (CMSMS) path traversal vulnerability

CMS Made Simple (CMSMS) is an open-source content management system developed by the Cmsms team. This system supports role-based permission management, wizard-based installation and update mechanisms, and intelligent caching features. Version 2.2.22 and earlier of CMS Made Simple contained a path...

CVSS 5.8 | AI score 5.8 | EPSS 0.0008
Exploits 1 | References 4
Positive Technologies
added 2026/03/31 12:00 a.m., 0 views

PT-2026-29288

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the...

CVSS 5.8 | AI score 5.5 | EPSS 0.0008
Exploits 1 | References 5
OSV
added 2026/03/27 2:07 p.m., 5 views

OESA-2026-1761 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain. This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug...

CVSS 7.8 | AI score 6.2 | EPSS 0.03752
Exploits 2 | References 86
OSV
added 2026/03/27 2:06 p.m., 4 views

OESA-2026-1760 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain. This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug...

CVSS 8.8 | AI score 6.7 | EPSS 0.03752
Exploits 7 | References 123
OSV
added 2026/03/27 2:05 p.m., 1 views

OESA-2026-1759 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain. This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug...

CVSS 7.8 | AI score 6.7 | EPSS 0.03752
Exploits 2 | References 86
OSV
added 2026/03/27 7:10 a.m., 2 views

BIT-NGINX-GATEWAY-2026-27654 NGINX ngx_http_dav_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow in the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

CVSS 8.8 | AI score 6.1 | EPSS 0.00021
Exploits 0 | References 2
OSV
added 2026/03/27 7:10 a.m., 3 views

BIT-NGINX-2026-27654 NGINX ngx_http_dav_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow in the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

CVSS 8.8 | AI score 6.1 | EPSS 0.00021
Exploits 0 | References 2