SUSE CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

CVE-2026-46291

A flaw was found in the Linux kernel's crypto: caam component. This vulnerability allows for the disclosure of sensitive HMAC Hash-based Message Authentication Code key bytes at runtime. The issue occurs because the hashdigestkey function uses printhexdumpdevel without proper guarding, which can...

CVE-2026-46291

CVE-2026-46291 concerns the Linux kernel crypto/caam path: hash_digest_key may dump sensitive HMAC key bytes when CONFIG_DYNAMIC_DEBUG is enabled. The fix redirects dumps to print_hex_dump_devel() to prevent leaking secrets at runtime. Affected behavior is that dynamic debugging could reveal HMAC...

CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

EUVD-2026-35157

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

Agentic Vulnerability Reasoning on Windows COM Binaries

Windows Component Object Model COM services run with elevated privileges and are widely accessible to authenticated users, making race conditions in these binaries a critical surface for local privilege escalation. We present SLYP, an end-to-end agentic pipeline that discovers race condition...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial CVE-2024-26900 In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser CVE-2024-35947 In the Linux kernel, the following...

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

SpringCloud-Gateway Command Execution Vulnerability CVE-2022...

Router exploitation of the Stack Overflow entry a-vulnerability warning-the black bar safety net

MIPS instruction set is mainly used in some embedded IOT devices, such as Router, camera. To these devices for binary vulnerability mining you need to have the MIPS to have a certain familiar. The MIPS instruction set of Stack Overflow and the x86 instruction set is different, so the exploits is...

Travel to the dark of the door! Debugee in QEMU-vulnerability warning-the black bar safety net

I haven't to secure guest posting, just recently the contact vulnerability discovery, and have been reading some of the classic fuzzer source code, at the same time also began to contact the virtualization escape this piece of content, at this time happened to come across two very classic exploit...

WordPress <= 4.6.1 use the theme file to trigger stored XSS vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-10-08 0x00 vulnerability overview 1. Vulnerability description WordPress is a PHP and MySQL as a platform free and open source blogging software and content management systems, recently researchers found that in their=4.6.1 version, by...

Drupal 8 configuration file download vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-09-22 0x00 vulnerability overview 1. Vulnerability description Drupal （ https://www.drupal.org is a free open source content management system, recent researchers have found in it 8. x 8.1.10 version found three security vulnerabilities,...

Linux netfilter OOB root mention the right vulnerability analysis-vulnerability warning-the black bar safety net

Famous ExploitDatabase website www.exploit-db.com recently posted a netfilter module. the right to the POC, the author is Vitaly Nikolenko on. OOB it! Netfilter is! Meal a sense of curiosity, decision analysis, analysis of process and outcomes to share as follows. 0×0 extraordinaire mention the...

A null pointer vulnerability Protection Technology-primary-vulnerability warning-the black bar safety net

Safety history due to a null pointer brought the vulnerability and attacks are numerous, but because of its use of the programming skills required for analysis and protective to have higher requirements, so the domestic to the null pointer vulnerability and a discussion of the related art is not...

Preliminary exploration of ActiveX type to overflow---PPlive 0Day-vulnerability warning-the black bar safety net

Affected version: pplive 1. 8beat2 The problematic dll: MngModule.dll 1.7.0.2 Not affected version: Also didn't it.: - Analysis: The following is the luoluo with the assistance of analysis, the basic part of the luoluo quotes.: Given the analysis process, the Give and I did just contact the...