Quantum Futures Interactive: A Live Demonstration of Post-Quantum Blockchain Security, Infrastructure Tradeoffs, and Sustainable Distributed Trust

Advances in quantum computing introduce long-term security challenges for widely deployed public-key cryptographic systems used across blockchain platforms and decentralized applications. Although post-quantum cryptography PQC standards are emerging, understanding quantum risk remains fragmented...

PT-2026-41291

Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

offsec-skills

offsec-exploit-research Elite adaptive whitebox exploit resea...

CVE-2026-31226

The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability CWE-78 in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...

TinyZero 安全漏洞

TinyZero is an inference model training tool developed by Jiayi Pan, based on reinforcement learning, and aimed at replicating the DeepSeek R1 Zero. TinyZero has a security vulnerability. This vulnerability stems from the copy function in the HDFS file manipulation tool, which insecurely construc...

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named MrRot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager WHM that could result ...

CVE-2026-43125

A flaw was found in the Linux kernel's Distributed Lock Manager dlm module. An attacker could send specially crafted network messages with an oversized length parameter to the dlmdumprsbname function. This lack of validation can lead to an out-of-bounds write in the dlmsearchrsbtree function,...

CVE-2026-43125

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

CVE-2026-43125

CVE-2026-43125 affects the Linux kernel dlm module. The vulnerability stems from unvalidated length in dlm_dump_rsb_name() coming from network messages, allowing an out-of-bounds write in dlm_search_rsb_tree() when the length exceeds DLM_RESNAME_MAXLEN. This could enable denial of service and, in...

CVE-2026-43125

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

PT-2026-37465

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Distributed Lock Manager DLM where the len parameter in the dlm dump rsb name function is not validated. Because this parameter is derived from network messages,...

Linux Distros Unpatched Vulnerability : CVE-2026-43125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN,...

Directory Traversal

Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Directory Traversal via the ReadMultiple process. An attacker can access files outside the intended directory by sending a specially...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: Fixed error handling for userdlmdestroyLock. When userdlmdestroyLock fails, it does not clean up the flags it set before exiting. For the USERLOCKINTEARDOWN condition, if this function fails because the lock is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, for the dsa module, the microchip function has been updated to include a condition for scheduling the kszmibreadwork function. When the ksz module is installed or removed using the rmmod command, the kernel...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: fixed the issue of null-pointer dereference during local read operations. In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: c reqmodreq, what, NULL, &m; The handler for...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack and have sblvbptr field to a dangled pointer while not using DLMLKFVALBLK. It will crash with the following kernel message, the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fixed a panic that occurred when the DSA master device unbinds during shutdown. Rafael reported that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master dpaa2-eth is active, the...