
8395 matches found

CVE
added 2026/03/07 4:28 p.m.

CVE-2026-30851

The CVE-2026-30851 entry is linked to a concrete vulnerability in Caddy v2, specifically the forward_auth copy_headers behavior in modules/caddyhttp/reverseproxy/forwardauth/caddyfile.go. The root cause is a regression where client-supplied headers listed in copy_headers could survive when the up...

CVSS 8.8 | AI score 5.7 | EPSS 0.00023
Exploits: 1 | References: 4 | Affected software: 1

Debian CVE
added 2026/03/07 4:28 p.m.

CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

CVSS 8.8 | AI score 7.7 | EPSS 0.00023
Exploits: 1

Cvelist
added 2026/03/07 4:28 p.m.

CVE-2026-30851 Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

CVSS 8.1 | EPSS 0.00023
Exploits: 1 | References: 4

OSV
added 2026/03/06 11:55 p.m.

GHSA-8RF9-C59G-F82F WeKnora has Unauthorized Cross-Tenant Knowledge Base Cloning

Summary: A cross-tenant authorization bypass in the knowledge base copy endpoint allows any authenticated user to clone (duplicate) another tenant's knowledge base into their own tenant by knowing or guessing the source knowledge base ID. This enables bulk exfiltration of document/FAQ content across...

CVSS 5.9 | AI score 5.8 | EPSS 0.00044
Exploits: 1 | References: 3

Github Security Blog
added 2026/03/06 11:38 p.m.

Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

Summary: Caddy's forward_auth directive with copy_headers generates conditional header-set operations that only fire when the upstream auth service includes the named header in its response. No delete or remove operation is generated for the original client-supplied request header with the same name...

CVSS 8.8 | AI score 5.9 | EPSS 0.00023
Exploits: 1 | References: 6 | Affected software: 1

OSV
added 2026/03/06 4:38 p.m.

CLSA-2026-1772815097 Fix of 72 CVEs

CVE-2025-38699 - scsi: bfa: Double-free fix; CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG; CVE-2025-39823 - KVM: x86: use array_index_nospec with indices that come from guest; CVE-2025-39689 - ftrace: Also allocate and copy hash for...

CVSS 7.8 | AI score 7.1 | EPSS 0.00452
Exploits: 2 | References: 1

Positive Technologies
added 2026/03/06 12:00 a.m.

PT-2026-23796

Name of the vulnerable software and affected versions: Caddy versions 2.10.0 through 2.11.1. Description: Caddy is a server platform that utilizes TLS by default. A flaw exists in the forward auth functionality where the copy headers option fails to remove headers provided by the client. This can le...

CVSS 9.9 | AI score 5.8 | EPSS 0.07313
Exploits: 68 | References: 144

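Worked example added to this listing, not code from Caddy or from any of the advisories above: a Go model of the copy_headers flow that the GitHub Security Blog and Positive Technologies entries describe, with the conditional set that has no matching delete beside a corrected form that deletes first. The header names (Remote-User, Remote-Email), the backend's trust in Remote-User, and the auth service's response are assumptions made for the example.

```go
package main

import (
	"fmt"
	"net/http"
)

// Illustrative model of a forward_auth copy_headers flow. This is NOT Caddy's
// code; header names, values and the scenario below are assumptions.

// copyHeadersVulnerable mirrors the behaviour the advisories describe: a
// conditional set that fires only when the auth service's response carries the
// named header, and no delete of the client's own copy of that header.
func copyHeadersVulnerable(clientReq, authResp http.Header, names []string) http.Header {
	out := clientReq.Clone()
	for _, name := range names {
		if vals := authResp.Values(name); len(vals) > 0 {
			out.Del(name)
			for _, v := range vals {
				out.Add(name, v)
			}
		}
		// If the auth service said nothing about this header, the
		// client-supplied value (if any) is still in out and reaches the backend.
	}
	return out
}

// copyHeadersFixed removes every copied header from the client request
// unconditionally, then re-adds only what the auth service returned.
func copyHeadersFixed(clientReq, authResp http.Header, names []string) http.Header {
	out := clientReq.Clone()
	for _, name := range names {
		out.Del(name)
		for _, v := range authResp.Values(name) {
			out.Add(name, v)
		}
	}
	return out
}

// backendIdentity is what a backend that trusts Remote-User would act on.
func backendIdentity(proxied http.Header) string {
	return proxied.Get("Remote-User")
}

// scenario builds constructed inputs: a client that injects Remote-User, and an
// auth service that accepts the request (2xx) but returns only Remote-Email,
// leaving Remote-User unset in its response.
func scenario() (client, auth http.Header, names []string) {
	client = http.Header{}
	client.Set("Cookie", "session=abc123") // constructed session cookie
	client.Set("Remote-User", "admin")     // attacker-injected identity header
	auth = http.Header{}
	auth.Set("Remote-Email", "alice@example.com") // constructed auth response
	names = []string{"Remote-User", "Remote-Email"}
	return
}

func main() {
	client, auth, names := scenario()
	fmt.Printf("vulnerable: backend sees Remote-User=%q\n",
		backendIdentity(copyHeadersVulnerable(client, auth, names)))
	fmt.Printf("fixed:      backend sees Remote-User=%q\n",
		backendIdentity(copyHeadersFixed(client, auth, names)))
}
```

With the first function, a request the auth service accepts without asserting Remote-User carries the client's own Remote-User through to the backend; the second function deletes every copied name before re-adding the auth service's values, so only the auth service can populate them. For real deployments the remedy is the patched release the entries name, 2.11.2; the model only shows why a conditional set without a delete is not enough.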
Tenable Nessus
added 2026/03/06 12:00 a.m.

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005702)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005702 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input. In my recent commit, I missed that do_replace handler...

CVSS 5.5 | AI score 5.6 | EPSS 0.00007
Exploits: 0 | References: 4

Positive Technologies
added 2026/03/06 12:00 a.m.

PT-2026-23800

Name of the vulnerable software and affected versions: WeKnora versions prior to 0.3.0. Description: WeKnora is a framework for deep document understanding and semantic retrieval. A cross-tenant authorization bypass exists in the knowledge base copy endpoint. An authenticated user can clone another...

CVSS 9.9 | AI score 5.8 | EPSS 0.07313
Exploits: 68 | References: 137

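Worked example added to this listing, not code from WeKnora or from the GHSA and PT entries above: a Go model of the cross-tenant copy flaw those entries describe, with a source lookup by ID alone beside one scoped to the caller's tenant. The types, the in-memory store, the tenant and knowledge-base IDs and the documents are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
)

// Illustrative model of a knowledge-base copy endpoint. This is NOT WeKnora's
// code; the store, IDs and documents below are constructed for the example.

type KnowledgeBase struct {
	ID       string
	TenantID string
	Docs     []string
}

type Store struct {
	kbs map[string]*KnowledgeBase
}

var ErrNotFound = errors.New("knowledge base not found")

func copyDocs(src []string) []string {
	return append([]string(nil), src...)
}

// cloneVulnerable resolves the source by ID only. The caller's tenant is used
// for the new copy but never compared with the source's tenant, so anyone who
// knows or guesses another tenant's ID receives that tenant's documents.
func (s *Store) cloneVulnerable(callerTenant, srcID, newID string) (*KnowledgeBase, error) {
	src, ok := s.kbs[srcID]
	if !ok {
		return nil, ErrNotFound
	}
	dst := &KnowledgeBase{ID: newID, TenantID: callerTenant, Docs: copyDocs(src.Docs)}
	s.kbs[newID] = dst
	return dst, nil
}

// cloneFixed scopes the lookup to the caller's tenant. A foreign-tenant ID gets
// the same ErrNotFound as a missing one, so the endpoint also does not confirm
// that a guessed ID exists.
func (s *Store) cloneFixed(callerTenant, srcID, newID string) (*KnowledgeBase, error) {
	src, ok := s.kbs[srcID]
	if !ok || src.TenantID != callerTenant {
		return nil, ErrNotFound
	}
	dst := &KnowledgeBase{ID: newID, TenantID: callerTenant, Docs: copyDocs(src.Docs)}
	s.kbs[newID] = dst
	return dst, nil
}

// newDemoStore holds constructed sample data: one knowledge base per tenant.
func newDemoStore() *Store {
	return &Store{kbs: map[string]*KnowledgeBase{
		"kb-a1": {ID: "kb-a1", TenantID: "tenant-A", Docs: []string{"A internal FAQ", "A contract.pdf"}},
		"kb-b1": {ID: "kb-b1", TenantID: "tenant-B", Docs: []string{"B handbook"}},
	}}
}

func main() {
	// A tenant-B user guesses tenant-A's ID "kb-a1" and asks to copy it.
	s := newDemoStore()
	if kb, err := s.cloneVulnerable("tenant-B", "kb-a1", "kb-b2"); err == nil {
		fmt.Printf("vulnerable: tenant-B now holds %d of tenant-A's documents in %s\n", len(kb.Docs), kb.ID)
	}
	s = newDemoStore()
	if _, err := s.cloneFixed("tenant-B", "kb-a1", "kb-b2"); err != nil {
		fmt.Println("fixed:", err)
	}
}
```

The check that matters is the tenant comparison on the source object, not on the destination: the vulnerable version already writes the copy into the caller's tenant and still leaks, because the read side never asked whose knowledge base it was reading.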
Microsoft CVE
added 2026/03/05 9:04 a.m.

fbdev: smscufx: properly copy ioctl memory to kernelspace

...

CVSS 7.3 | AI score 5.8 | EPSS 0.00012
Exploits: 0

SUSE CVE
added 2026/03/05 6:51 a.m.

SUSE CVE-2026-23231

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain. nf_tables_addchain publishes the chain to table->chains via list_add_tail_rcu in nft_chain_add before registering hooks. If nf_tables_register_hook then fails, the error path calls...

CVSS 7 | AI score 5.7 | EPSS 0.00765
Exploits: 1 | References: 21

SUSE CVE
added 2026/03/05 6:51 a.m.

SUSE CVE-2026-23236

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace. The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...

CVSS 7.8 | AI score 5.7 | EPSS 0.00012
Exploits: 0 | References: 17

OSV
added 2026/03/05 2:16 a.m.

AZL-79475 CVE-2026-3381 affecting package rust 1.90.0-4

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings from the 7ASecurity audit of zlib. This includes fixes for...

CVSS 9.8 | AI score 5.8 | EPSS 0.00041
Exploits: 0 | References: 1

OSV
added 2026/03/05 2:16 a.m.

AZL-79478 CVE-2026-3381 affecting package sudo 1.9.17-1

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings from the 7ASecurity audit of zlib. This includes fixes for...

CVSS 9.8 | AI score 5.8 | EPSS 0.00041
Exploits: 0 | References: 1

OSV
added 2026/03/05 12:18 a.m.

OSV-2026-356 Security exception in org.apache.lucene.util.ArrayUtil.copyOfSubArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489370855 Crash type: Security exception. Crash state: org.apache.lucene.util.ArrayUtil.copyOfSubArray org.apache.lucene.util.BytesRef.deepCopyOf org.apache.lucene.index.Term...

AI score 5.8
Exploits: 0 | References: 1

Tenable Nessus
added 2026/03/05 12:00 a.m.

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005657 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: skb_segment, Call zero copy functions before using skbuff frags. Commit bf5c25d60861 skbuff...

CVSS 5.5 | AI score 5.9 | EPSS 0.00021
Exploits: 0 | References: 4

Tenable Nessus
added 2026/03/05 12:00 a.m.

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005793)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005793 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite. In riocm_cdev_ioctl(RIOCM_CHAN_SEND) -...

CVSS 5.5 | AI score 6.8 | EPSS 0.00119
Exploits: 0 | References: 4

Tenable Nessus
added 2026/03/05 12:00 a.m.

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005651 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference. In 'mwifiex_handle_uap_rx_forward', always...

CVSS 5.5 | AI score 5.8 | EPSS 0.0002
Exploits: 0 | References: 4

EUVD
added 2026/03/04 6:31 p.m.

EUVD-2026-9437

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

CVSS 7.2 | AI score 6 | EPSS 0.00006
Exploits: 0 | References: 2

NVD
added 2026/03/04 6:16 p.m.

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

CVSS 7.2 | EPSS 0.00006
Exploits: 0 | References: 1