CVE-2026-9831

A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE /IAM-issued API key to receive response data for another tenant. The issu...

net: usb: pegasus: validate USB endpoints

...

UBUNTU-CVE-2026-23312

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

CVE-2026-23365

In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

UBUNTU-CVE-2026-23290

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not...

CVE-2026-23365

The CVE-2026-23365 entry concerns the Linux kernel kalmia USB driver, where probing code must validate the device’s endpoints before binding. If a malicious device omits or mismatches expected endpoints, the driver may access invalid endpoints and crash. The issue is resolved in upstream kernel b...

CVE-2026-23365

In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

CVE-2026-23290 net: usb: pegasus: validate USB endpoints

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not...

CVE-2026-23290 net: usb: pegasus: validate USB endpoints

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not...

Linux Distros Unpatched Vulnerability : CVE-2026-23290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it i...

Linux Distros Unpatched Vulnerability : CVE-2026-23312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is...

Octopus Deploy 安全漏洞

Octopus Deploy is an automated tool developed by the Australian company Octopus, used for the development and deployment of applications in .NET, Java, and other programming languages. There is a security vulnerability in Octopus Deploy, which stems from the lack of validation in the API endpoint...

AZL-49203 CVE-2024-45011 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Check USB endpoints when probing device Ensure, as the driver probes the device, that all endpoints that the driver may attempt to access exist and are of the correct type. All XillyUSB devices must have a Bulk IN...

GHSA-WR2V-9RPQ-C35Q Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV records

Vulnerability type Cryptography Workarounds Refer to the gateway documentation. The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV...