ROS-20260128-73-0026

A vulnerability in the drivers/platform/chrome/crosecchardev.c module of the Linux kernel is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to disclose protected information...

libcrux-kem (>=0.0.2 <=0.0.2-beta.3), libcrux-psq (=0.0.2-beta.3) potentially affected by unknown CVE via libcrux-ecdh (>=0.0.2-beta.3 <=0.0.2)

libcrux-ecdh CARGO version =0.0.2-beta.3, =0.0.2, =0.0.2-beta.3 - libcrux-psq =0.0.2-beta.3 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0023...

CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37781)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37781 advisory. - In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if pare...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38142)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38142 advisory. - In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor inde...

Malicious code in pl-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

MAL-2026-367 Malicious code in uq-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aff150b2aef330176090006c8f217913a40ee17728ec4c821c5c3310624bb0ba The package uq-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-3505

Malicious code in uq-global-ec-uikit npm...

Malicious Package

Overview pl-global-ec-uikit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2026-3510

Malicious code in gu-global-ec-uikit npm...

Malicious code in shared-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac32ab19d7e9c15b0c6a69dafe143c75cab5612b903293c16865f371b8a00a7 The package shared-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

Malicious code in gu-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8b504bec83c372b24f21eb2b83e6a5ec1ceceef82ba4b57dc401e1ab44f9a4 The package gu-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

Malicious code in uq-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aff150b2aef330176090006c8f217913a40ee17728ec4c821c5c3310624bb0ba The package uq-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

MAL-2026-363 Malicious code in pl-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-3509

Malicious code in pl-global-ec-uikit npm...

MAL-2026-361 Malicious code in gu-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8b504bec83c372b24f21eb2b83e6a5ec1ceceef82ba4b57dc401e1ab44f9a4 The package gu-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

MAL-2026-364 Malicious code in shared-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac32ab19d7e9c15b0c6a69dafe143c75cab5612b903293c16865f371b8a00a7 The package shared-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

SUSE CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003483 advisory. Race condition in the ecdeviceioctlxcmd function in drivers/platform/chrome/crosecdev.c in the Linux kernel before 4.7 allows local users to cause a denial of servic...

CVE-2026-22791

openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...