4226 matches found
CVE-2026-31740
In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rz_mtu3_channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counter drive...
CVE-2026-43018
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt hci_conn lookup and field access must be covered by hdev lock in hci_le_remote_conn_param_req_evt, otherwise it's possible it is freed concurrently. Extend the...
CVE-2026-31759
CVE-2026-31759 affects the Linux kernel USB ULPI path (usb: ulpi) where a double free could occur in ulpi_register_interface() after a failed device_register(), because the error path freed ulpi twice. The root cause is a missing delegation of cleanup to put_device() via ulpi_dev_release(), preve...
CVE-2026-31740 counter: rz-mtu3-cnt: do not use struct rz_mtu3_channel's dev member
In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rz_mtu3_channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counter drive...
CVE-2026-31695
In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free Currently we execute SET_NETDEV_DEV(dev, &priv->lowerdev->dev) for the virt_wifi net devices. However, unregistering a virt_wifi device in netdev_run_todo() can happen together with...
CVE-2026-31695
CVE-2026-31695 is a Linux kernel issue affecting the virt_wifi driver. The root cause is a race during unregistration where a device’s parent pointer could reference freed memory, causing a use-after-free during ethtool operations. The vulnerability arises from using SET_NETDEV_DEV(dev, &priv->...
Kompany MCP Server Command Injection Vulnerability
Kompany MCP Server is a collaboration tool for Eyal Individual Developers that connects an AI assistant to a task management platform. Kompany MCP Server suffers from a command injection vulnerability that stems from the incorrect manipulation of the parameter devscript in the file...
Linux Distros Unpatched Vulnerability : CVE-2026-31654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmap_region commit 605f6586ecf7 mm/vma: do not leak memory when...
WordPress Woostify theme <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Theme Woostify versions <= 2.5.0...
CVE-2026-7135
A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elng_box_read of the file src/isomedia/box_code_base.c of the component MP4Box. Performing a manipulation of the argument elng results in out-of-bounds read. The attack...
MAL-2026-3124 Malicious code in apple-internal-dev-check (npm)
Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services (authentication, PKI, telemetry, CloudKit, and cloud infrastructure). All packages in this campaign execute credential-theft payloads durin...
Malicious code in apple-internal-dev-check (npm)
Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services (authentication, PKI, telemetry, CloudKit, and cloud infrastructure). All packages in this campaign execute credential-theft payloads durin...
GPAC Buffer Error Vulnerability
GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC such as 26.03-DEV-rev105-g8f39a1eb3-master and earlier have a buffer error vulnerability. This vulnerability stems from the function elng_box_read in the MP4Box component’s file src/isomedia/box_code_base.c, which process...
/dev/push Input Validation Error Vulnerability
/dev/push is an open-source application hosting platform developed by Ronan Berder, designed for zero-downtime deployment and real-time monitoring. Version 0.3.2 of /dev/push contains a vulnerability related to input validation. This vulnerability stems from an open redirection in...
CVE-2026-31678 openvswitch: defer tunnel netdev_put to RCU release
In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...
EUVD-2026-25645
In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...
CVE-2026-31678
In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...
SUSE CVE-2026-31578
In the Linux kernel, the following vulnerability has been resolved: media: as102: fix to not free memory after the device is registered in as102_usb_probe() In as102_usb driver, the following race condition occurs: CPU0 CPU1 as102_usb_probe() kzalloc(); // alloc as102_dev_t .... usb_register_dev(); fd =...
SUSE CVE-2026-31654
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmap_region commit 605f6586ecf7 "mm/vma: do not leak memory when .mmap_prepare swaps the file" handled the success path by skipping get_file() via file_doesnt_need_get, but missed the error path. When /dev/zero...