EUVD-2026-21417

Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade...

DEBIAN-CVE-2025-40215

In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x-tunnel as we delete x The ipcomp fallback tunnels currently get deleted from the various lists and hashtables as the last user state that needed that fallback is destroyed not deleted. If a reference to that user...

SUSE CVE-2025-10729

The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free...

CVE-2023-53440

In CVE-2023-53440, the Linux kernel nilfs2 sysfs interface had lifetime timing issues that could lead to inode NULL pointer dereferences or use-after-free, and lockdep warnings. Specifically, nilfs_sysfs_create_device_group creates sysfs attributes for per-filesystem metadata (cpfile, sufile, dat...

PT-2025-49021

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of ipcomp fallback tunnels and xfrm states. Specifically, the issue arises when deleting xfrm states, where the fallback state...