CVE-2026-39828

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

CVE-2026-9096

Casdoor versions 2.362.0 and earlier do not enforce SAML assertion time bounds. The gosaml2 library reports all time-validation results, including NotOnOrAfter and NotBefore, in the assertionInfo.WarningInfo field. However, ParseSamlResponse never reads this field, meaning that time bounds are...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39830)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39830 advisory. - A malicious SSH peer could send unsolicited global request responses to fill an internal buffe...

Linux Distros Unpatched Vulnerability : CVE-2026-39830

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine coul...

SUSE CVE-2026-39830

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

CVE-2026-39830

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

EUVD-2026-31397

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where non-empty permissions are silently discarded when an Authentication callback returns...

CVE-2026-5947

CVE-2026-5947 describes an undefined behavior due to a race condition in SIG(0) validation during DNS message processing under load. Affected are BIND 9.20.0–9.20.22, 9.21.0–9.21.21, and 9.20.9-S1–9.20.22-S1; versions 9.18.28–9.18.49 and 9.18.28-S1–9.18.49-S1 are not affected. Under a query flood...

EUVD-2026-27608

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmpbuildprobe ipv6stub-ipv6devfind may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not loaded, and passing this error pointer to devhold will cause a kernel cra...

PT-2026-34235

Description Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA instructions are processed block-by-block in BrilligBlock::compile block. When the compiler encounters an Instruction::Call with a Value::ForeignFunction target, it invokes...

libcrux-sha3: Incorrect output from SHAKE squeeze functions

The incremental squeeze functions in the portable SHAKE XOF API, when attempting to squeeze more than RATE 168 for SHAKE128, 136 for SHAKE256 bytes, performed an additional permutation of the state before producing the first output block, thus discarding the first block of RATE bytes of valid XOF...

CVE-2025-71237

CVE-2025-71237 corresponds to a Linux kernel nilfs2 issue where an underflow during FITRIM end_block calculation can produce a negative nblocks, turning into a large positive value and causing the block layer to hang while processing a discard. The description and connected advisories confirm the...

EUVD-2025-205229

This CVE id was assigned but later discarded...

CVE-2023-54140

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...

CVE-2023-54140

CVE-2023-54140 affects Linux kernels, describing a nilfs2 issue where mark_buffer_dirty() can warn and cause a panic when the uptodate flag on internally held buffers is lost and buffers are reused. The vulnerability originates from nilfs2 keeping buffer pointers in local metadata structures and ...

PT-2025-53602

CVE-2025-5448 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-5448 Published : Dec. 24, 2025, 2:15 p.m. | 2 hours, 57 minutes ago Description : Rejected reason: This CVE id was assigned but later discarded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of a discarded buffer, which could result in a kernel warning or a system crash...

PT-2025-53401

CVE-2025-48864 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2025-48864 Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago Description : Rejected reason: This CVE id was assigned but later discarded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...

PT-2025-53400

CVE-2025-48863 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2025-48863 Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago Description : Rejected reason: This CVE id was assigned but later discarded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...