Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013059)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013059 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'stru...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010815)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010815 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the cleanu...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011274)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011274 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013271 advisory. An issue was discovered in romfsdevread in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. Tenabl...

MAL-2026-2957 Malicious code in cycode-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af035661f0964977015279eeceb2e380bf8b525463d4a099d85eab7b4ea8a71b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007255)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007255 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'stru...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007387 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in compositedevcleanup 1. In func configfscompositebind -...

CVE-2026-6107

A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing of the file apps/common/middleware/chatheadersmiddleware.py of the component ChatHeadersMiddleware. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the atta...

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

Sensitive Information Disclosure

Vite is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper enforcement of file access restrictions in the dev server, which allows an attacker to bypass deny rules using crafted query parameters and access sensitive files...

CVE-2026-6108 1Panel-dev MaxKB Model Context Protocol Node base_mcp_node.py execute os command injection

A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/stepnode/mcpnode/impl/basemcpnode.py of the component Model Context Protocol Node. Performing a manipulation results in os command injection. The attack is...

PT-2026-31607

Disclosure from our research team at Pentest-Tools.com "It's just dev mode" is doing a lot of heavy lifting here. FuelCMS has no enforced access control on the add git submodule installer function. Dev mode on, git over SSH enabled, a valid .git directory in the root: any authenticated user can...

Exploit for CVE-2026-39363

CVE-2026-39363 Vite Dev Server WebSocket Arbitrary File Read...

CVE-2026-5082 Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id

Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id. The generatesessionid function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes using SHA-1 hash seeded with the built-in rand...

CVE-2026-5082

Amon2::Plugin::Web::CSRFDefender for Perl, versions 7.00–7.03, generates insecure session IDs. The generate_session_id routine first reads from /dev/urandom; if unavailable, it falls back to SHA-1 seeded with the built-in rand(), the process PID, and the high-resolution epoch time. The PID is dra...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

CVE-2026-39365

Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, the dev server’s handling of .map requests for optimized dependencies resolves file paths and calls readFile without restricting ../ segments in the URL. As a result, it is possible to bypass the...

CVE-2026-39363

Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, if it is possible to connect to the Vite dev server’s WebSocket without an Origin header, an attacker can invoke fetchModule via the custom WebSocket event vite:invoke and combine file://... with ?r...

CVE-2026-39364

Vite is a frontend tooling framework for JavaScript. From 7.1.0 to before 7.3.2 and 8.0.5, on the Vite dev server, files that should be blocked by server.fs.deny e.g., .env, .crt can be retrieved with HTTP 200 responses when query parameters such as ?raw, ?import&raw, or ?import&url&inline are...