PT-2026-43590

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business Agent versions prior to 3.1.0-4967 Description An origin validation error occurs during installation, which allows local users to write arbitrary files containing restricted content. Recommendations Update t...

Synology ActiveProtect Agent 访问控制错误漏洞

Synology ActiveProtect Agent is a terminal data backup and recovery agent provided by the Chinese company Synology. Versions of Synology ActiveProtect Agent prior to 1.1.0-0439 contained a access control vulnerability caused by a source validation error. This vulnerability could allow local users...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with the pt5161lreadblockdata function in pt5161l, including buffer overflows and improper...

CVE-2026-45961

gfs2: fix memory leaks in gfs2fillsuper error path...

Linux Distros Unpatched Vulnerability : CVE-2026-46004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from...

Linux Distros Unpatched Vulnerability : CVE-2026-46040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls...

PT-2026-43742

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak occurs in the mfd: arizona component when the wm5102 clear write sequencer function returns an error. The function returns immediately, bypassing the cleanup sequence and...

PT-2026-43772

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the icmp route lookup function during the reverse path process for sending ICMP error messages with XFRM IPsec policies. When the system acts as a forwarding...

PT-2026-43738

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the TPM st33zp24 driver where the get burstcount function can return -EBUSY upon a timeout. In such instances, the st33zp24 send function returns immediately without...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an XDR decoding error path in the SURNPROC authgss module. This error path fails to release the...

pam_usb 输入验证错误漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained a input validation vulnerability. This vulnerability stems from the lack of an upper limit on the number of ndevices being counted in...

CVE-2026-45964

SUNRPC: fix gssauth kref leak in gssallocmsg error path...

Linux Distros Unpatched Vulnerability : CVE-2026-45871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without...

Linux Distros Unpatched Vulnerability : CVE-2026-45934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation I have been observing a number of systems aborting at insertdevextents in...

Linux Distros Unpatched Vulnerability : CVE-2026-46044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif...

Linux Distros Unpatched Vulnerability : CVE-2026-46053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user...

PT-2026-43801

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue in the btrfs file system can lead to a transaction abort with an EEXIST error Object already exists during chunk allocation. This occurs due to non-consecutive gaps in chunk...

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the PCF’s app-sessions handler under certain conditions, which could lead to a 500...

PT-2026-43691

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aie destroy context is invoked during error handling in aie2 create context. However, aie destroy context assumes that the context's mailbox channel pointer...

PT-2026-43859

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ALSA caiaq component. The error handling path for the setup card function fails to kill the internal URB cdev-ep1 in urb if it was submitted before the error...