Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011340 advisory. In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010896)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010896 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhpstateremoveinstancenocalls for hisihns3pmu uninit process When teari...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010689 advisory. In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on storecputopolog...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013144)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013144 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011033)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011033 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown The driver needs to migrate t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013163 advisory. In the Linux kernel, the following vulnerability has been resolved: lib: cpurmap: Avoid use after free on rmap-obj array entries When calling irqsetaffinitynotifier...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011159)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011159 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 6553...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013376)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013376 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at cod...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011299 advisory. In the Linux kernel, the following vulnerability has been resolved: thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crash When CPU 0 is offli...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006989)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006989 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit armsmmupmuinit won't remove the callback...

CVE-2026-40476

graphql-go is a Go implementation of GraphQL. In versions 15.31.4 and below, the OverlappingFieldsCanBeMerged validation rule performs On² pairwise comparisons of fields sharing the same response name. An attacker can send a query with thousands of repeated identical fields, causing excessive CPU...

FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately ...

Debian dla-4529 : bind9 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4529 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4529-1 [email protected] https://www.debian.org/lts/security/...

SUSE SLES15 Security Update : bind (SUSE-SU-2026:1428-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1428-1 advisory. - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Tenable has extracted the...

CVE-2026-40476

graphql-go is a Go implementation of GraphQL. In versions 15.31.4 and below, the OverlappingFieldsCanBeMerged validation rule performs On² pairwise comparisons of fields sharing the same response name. An attacker can send a query with thousands of repeated identical fields, causing excessive CPU...

Security update for bind

This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:1428-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

USN-8185-1 linux-nvidia, linux-nvidia-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

USN-8185-1: Linux kernel (NVIDIA) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

USN-8183-1: Linux kernel (GCP) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...