CVE-2026-45924

ksmbd: call ksmbdvfskernpathendremoving on some error paths...

IBM Security Directory Integrator 安全漏洞

IBM Security Directory Integrator is an integrated development environment and runtime service provided by the American multinational company International Business Machines IBM. Vulnerabilities exist in versions 7.2.0.0.0 to 7.2.0.14.0.0.0, as well as in versions 10.0.0.0.0 to 10.0.0.2.0.0.0, du...

IBM Business Automation Workflow 安全漏洞

IBM Business Automation Workflow is a workflow automation solution developed by the American multinational company International Business Machines IBM. This product is primarily used for workflow management and compliance control, and it features workflow visibility and scalability. There is a...

libusb 缓冲区错误漏洞

libusb is an open-source, cross-platform USB device access library. Versions of libusb prior to 1.0.30 contained a buffer error vulnerability. This vulnerability stems from the use of the original buffer size rather than the remaining size during boundary checks in the parseiadarray function, whi...

PT-2026-43793

In the Linux kernel, the following vulnerability has been resolved: rust: pwm: Fix potential memory leak on init error When initializing a PWM chip using pwmchip alloc, the allocated device owns an initial reference that must be released on all error paths. If pinned init were to fail, the...

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from the UDR DELETE handler’s type assertion panic when the ueId was not present, which could potentially result in a 5...

Unzip 安全漏洞

Unzip is a Golang.zip decompression tool developed by Yige’s developers. Versions of Unzip prior to 2.215 contained security vulnerabilities. These vulnerabilities stemmed from failing to catch exceptions when parsing zip headers with incorrect DOS date formats. As a result, an exception was thro...

PT-2026-44222

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.9 through 18.10.6 GitLab CE/EE versions 18.11 through 18.11.3 GitLab CE/EE versions 19.0 through 19.0.0 Description An authorization enforcement error allows a blocked Project Access Token to maintain access to private...

PT-2026-43827

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count inconsistency occurs in the hfsplus module when the hfs bnode create function identifies that a node is already hashed. Instead of incrementing the reference count, the...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the PCF’s HandleCreateSmPolicyRequest handler, which encountered a null pointer dereferencing when UDR returne...

CVE-2026-45904

powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in ANGLE, which could allow remote attackers to execute a sandbox...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a type error in the parameters of the bpfxdpstorebytes function. This error allows the verifier to...

PT-2026-43782

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Corrupted FAT images can cause a directory inode to have an incorrect i nlink value. When the rmdir operation is performed, it unconditionally calls the drop nlink function, which can...

ROS-20260527-73-0003

Vulnerability in openbao related to errors in certificate authentication procedure. The vulnerability can be exploited remotely...

CVE-2026-46053

net: rds: fix MR cleanup on copy error...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from discontinuous gaps during block allocation in btrfs. This issue causes an EEXIST error in the...

PT-2026-43730

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the dw i3c master i2c xfers function. The function allocates memory for the xfer structure via dw i3c master alloc xfer, but if the pm runtime resume and get...

PT-2026-43755

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the raid1 run function. This function calls setup conf, which registers a thread using md register thread. If the raid1 set limits function fails, the registered...

Google Chrome on Android 缓冲区错误漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a buffer error vulnerability. This vulnerability stemmed from out-of-bounds reading in the WebGL component, which could allow remote...