Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a side-effect error in the matchchar macro, potentially leading to out-of-bounds reading...

CVE-2026-33541

TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...

GHSA-F346-8RP3-4H9H TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service

Summary A flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. While validation correctly rejected invalid usernames, a side effect within a validation rule caused user records to be created regardless of whether the request succeeded...

TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service

Summary A flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. While validation correctly rejected invalid usernames, a side effect within a validation rule caused user records to be created regardless of whether the request succeeded...

CVE-2026-33541

TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...

SUSE CVE-2026-23349

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits fro...

CVE-2026-23349

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits fro...

UBUNTU-CVE-2026-23349

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits fro...

CVE-2026-23349 HID: pidff: Fix condition effect bit clearing

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits fro...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear all conditional effect bits, potentially leading to null pointer dereferencing...

Advisory ROSA-SA-2026-3234

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-6 affected versions curl-8.7.1-6 CVE-ID: CVE-2025-14017 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In multi-threaded LDAPS transfers in libcurl, changing TLS options in one thread changed them globally and could affect other...

Linux Distros Unpatched Vulnerability : CVE-2026-33179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in...

CVE-2026-32887

Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. Prior to version 3.20.0, when using RpcServer.toWebHandler or HttpApp.toWebHandlerRuntime inside a Next.js App Router route handler, any Node.js AsyncLocalStorage-dependent...

CVE-2026-32887 Effect Bug: `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC

Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. Prior to version 3.20.0, when using RpcServer.toWebHandler or HttpApp.toWebHandlerRuntime inside a Next.js App Router route handler, any Node.js AsyncLocalStorage-dependent...

CVE-2026-32887 Effect Bug: `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC

Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. Prior to version 3.20.0, when using RpcServer.toWebHandler or HttpApp.toWebHandlerRuntime inside a Next.js App Router route handler, any Node.js AsyncLocalStorage-dependent...

CVE-2026-32887

Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. Prior to version 3.20.0, when using RpcServer.toWebHandler or HttpApp.toWebHandlerRuntime inside a Next.js App Router route handler, any Node.js AsyncLocalStorage-dependent...

CVE-2026-32887 Effect Bug: `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC

Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. Prior to version 3.20.0, when using RpcServer.toWebHandler or HttpApp.toWebHandlerRuntime inside a Next.js App Router route handler, any Node.js AsyncLocalStorage-dependent...

EUVD-2026-13818

Effect AsyncLocalStorage context lost/contaminated inside Effect fibers under concurrent load with RPC...

@2digits/tlo-mcp (>=0.1.0 <=0.1.10), @6qat/tcp-connection (>=0.2.6 <=0.2.9) +657 more potentially affected by CVE-2026-32887 via effect (>=3.0.0 <=3.1.6)

effect NPM version =3.0.0, =0.1.0, =0.2.6, =1.0.0, =0.1.0-alpha.1, =0.0.1, =0.1.0-alpha.1, =0.0.1, =0.0.5, =0.0.1, =0.2.1, =0.5.0, =0.7.0 and more Source cves: CVE-2026-32887 Source advisory: SNYK:JS-EFFECT-15746380...

@2digits/tlo-mcp (>=0.1.0 <=0.1.10), @6qat/tcp-connection (>=0.2.6 <=0.2.9) +874 more potentially affected by CVE-2026-32887 via effect (>=2.0.0-next.10 <=3.1.6)

effect NPM version =2.0.0-next.10, =0.1.0, =0.2.6, =1.0.0, =0.1.0-alpha.1, =0.0.1, =0.1.0-alpha.1, =0.0.1, =0.0.5, =0.0.1, =0.1.0, =0.2.1, =0.4.2 - @arvkonstantin/framework-provider-local-pg =3.4.3 - @awstin/effect-zero-v3 =0.1.0 and more Source cves: CVE-2026-32887 Source advisory:...