RockyLinux 10 : luksmeta (RLSA-2026:18421)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18421 advisory. luksmeta: Data corruption when handling LUKS1 partitions with luksmeta CVE-2025-11568 Tenable has extracted the preceding description block directly from the...

CVE-2026-10099

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

CVE-2026-10099

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

luksmeta security update

An update is available for luksmeta. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The...

RLSA-2026:18421 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in Rocky Linux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

CVE-2026-10099 XX-Net V5.16.6 WebSocket Frame Parsing Data Corruption via simple_http_server.py

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

CVE-2026-10099

XX-Net version 5.16.6 is affected by a WebSocket frame parsing vulnerability in the WebSocket_receive_worker routine of simple_http_server.py. The issue arises because the server unconditionally reads 4 bytes as a masking key regardless of the MASK bit in the frame header, causing the first 4 byt...

CVE-2026-10099 XX-Net V5.16.6 WebSocket Frame Parsing Data Corruption via simple_http_server.py

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

EUVD-2026-33346

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

XX-Net 安全漏洞

XX-Net is an open-source network stealth proxy tool developed by XX-Net. Version 5.16.6 of XX-Net contains a security vulnerability. This vulnerability stems from issues with WebSocket frame parsing in the WebSocketreceiveworker routine within simplehttpserver.py, which may lead to corruption of...

PT-2026-44889

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocket receive worker routine of simple http server.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

RLSA-2026:18824 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in Rocky Linux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

luksmeta security update

An update is available for luksmeta. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The...

SUSE CVE-2026-46045

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: skip reading rdevs that are not insync When reading bitmap pages from member disks, the code iterates through all rdevs and attempts to read from the first available one. However, it only checks for raiddisk...

Linux Distros Unpatched Vulnerability : CVE-2026-24197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU MIG partition management, where an insecure default initialization of memory...

RockyLinux 9 : luksmeta (RLSA-2026:18824)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18824 advisory. luksmeta: Data corruption when handling LUKS1 partitions with luksmeta CVE-2025-11568 Tenable has extracted the preceding description block directly from the...

CVE-2026-46007

A flaw was found in the Linux kernel's hwmon powerz component. This vulnerability is caused by cacheline sharing between the transfer buffer and a mutex during Direct Memory Access DMA operations. This architectural issue can lead to unexpected behavior or data corruption, impacting system...

CVE-2026-24197

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU MIG partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this...

CVE-2026-46062

A flaw was found in the Linux kernel's ntfs3 filesystem driver. An integer overflow vulnerability exists in the rununpack function's volume boundary check. This flaw occurs because the check uses raw addition, which can wrap around for large values, potentially bypassing validation. This could le...

CVE-2026-46045

A flaw was found in the Linux kernel, specifically within the multiple device MD driver's bitmap handling. This vulnerability allows the system to read outdated or incomplete data from storage devices that are not fully synchronized. This can lead to errors in tracking changes to data, which may...