CVE-2026-23059

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

UBUNTU-CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

UBUNTU-CVE-2026-23059

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

CVE-2026-23059 scsi: qla2xxx: Sanitize payload size to prevent member overflow

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

CVE-2026-23059

In the Linux kernel CVE-2026-23059, the vulnerable code paths are in Scsi qla2xxx logic, specifically qla27xx_copy_fpin_pkt() and qla27xx_copy_multiple_pkt(). The frame_size reported by firmware could exceed the 64-byte iocb member in struct purex_item, causing cross-boundary memcpy writes and Fo...

EUVD-2026-5487

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

SiYuan 路径遍历漏洞

SiYuan is an open-source privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.5 contained a path traversal vulnerability. This vulnerability stemmed from the /api/file/copyFile endpoint not verifying the dest parameter, which could allow files...

GO-2026-4346 SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality in github.com/siyuan-note/siyuan/kernel

SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality in github.com/siyuan-note/siyuan/kernel...

GHSA-PQQG-5F4F-8952 FacturaScripts has SQL Injection in Autocomplete Actions

Summary FacturaScripts contains a critical SQL Injection vulnerability in the autocomplete functionality that allows authenticated attackers to extract sensitive data from the database including user credentials, configuration settings, and all stored business data. The vulnerability exists in th...

PT-2026-6515

SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality in github.com/siyuan-note/siyuan/kernel...

ROS-20260203-73-0019

A vulnerability in the dm-bufio.c component of the Linux kernel is related to buffer copying without input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-25059

OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename components in req.Names are directly concatenated with validated directories using stdpath.Join. Thi...

GO-2026-4387 SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE in github.com/siyuan-note/siyuan/kernel

SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE in github.com/siyuan-note/siyuan/kernel...

GHSA-QMJ2-8R24-XXCQ OpenList vulnerable to Path Traversal in file copy and remove handlers

Summary The application contains a Path Traversal vulnerability CWE-22 in multiple file operation handlers. An authenticated attacker can bypass directory-level authorisation by injecting traversal sequences into filename components, enabling unauthorised file removal and copying across user...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the FsRemove and FsCopy functions. An attacker can access and manipulate files outside of their authorized directory by injecting traversal sequences into filename components. This allows unauthorized file remova...

CVE-2025-47399 Buffer Copy Without Checking Size of Input in Camera

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

Linux Distros Unpatched Vulnerability : CVE-2025-4084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to insufficient escaping of the special characters in the copy as cURL feature, an attacker could trick a user into using this command, potentially leading ...

EulerOS Virtualization 2.10.1 : rsync (EulerOS-SA-2026-1145)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destinati...