CVE-2026-41322

@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from astro path with an incorrect/malformed if-match header returns a 500 error with a one year cache lifetime instead of 412 in some cases. This has the effect that all...

CVE-2026-42039

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. This vulnerability is fixed in 1.15.1 and...

CVE-2026-42041 Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution to silently suppress all HTTP error responses 401, 403, 500, etc., causing them to be...

CVE-2026-31563

A flaw was found in the Linux kernel's macb Ethernet driver. The napiconsumeskb function, which is used for freeing network packet buffers SKBs, was incorrectly called in an interrupt-disabled context. This improper handling of network packet freeing can lead to a kernel warning and system...

CVE-2026-31552

A flaw was found in the Linux kernel's wlcore component. When the system attempts to allocate memory for a network packet and there is insufficient space, an incorrect error code is returned. This error handling issue causes the system to repeatedly attempt to process the same packet in an endles...

EUVD-2026-25580

@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from astro path with an incorrect/malformed if-match header returns a 500 error with a one year cache lifetime instead of 412 in some cases. This has the effect that all...

CVE-2026-31544

A flaw was found in the Linux kernel's armscmi firmware component. The scmieventhandlergetops helper function can return a NULL pointer when an event handler is not found or created, instead of an expected error pointer. This improper handling of the error path leads to a NULL dereference...

GHSA-82J2-J2CH-GFR8 rustls-webpki: Denial of service via panic on malformed CRL BIT STRING

Summary bitstringflags in src/der.rs panics with an index-out-of-bounds when given a BIT STRING whose content is exactly 0x00 one byte: zero padding bits, zero data bytes. This is reachable through the public API BorrowedCertRevocationList::fromder via the issuingDistributionPoint CRL extension...

CVE-2026-40890

A flaw was found in github.com/gomarkdown/markdown, a Go library for parsing Markdown text and rendering as HTML. A remote attacker could exploit this vulnerability by providing a specially crafted malformed input. Specifically, input containing a '' character, when processed by the...

LiteLLM has SQL Injection in Proxy API key verification

Impact A database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route for example POST /chat/completions a...

CVE-2026-31666

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect return value after changing leaf in lookupextentdataref After commit 1618aa3c2e01 "btrfs: simplify return variables in lookupextentdataref", the err and ret variables were merged into a single ret variable...

DEBIAN-CVE-2026-31666

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect return value after changing leaf in lookupextentdataref After commit 1618aa3c2e01 "btrfs: simplify return variables in lookupextentdataref", the err and ret variables were merged into a single ret variable...

DEBIAN-CVE-2026-31658

In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tsestartxmit When dmamapsingle fails in tsestartxmit, the function returns NETDEVTXOK without freeing the skb. Since NETDEVTXOK tells the stack the packet was consumed, the sk...

DEBIAN-CVE-2026-31654

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...

DEBIAN-CVE-2026-31638

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...

CVE-2026-31638

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...

CVE-2026-31645

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails, leaking the pool. Similarly, lan966xfdmainit frees the coherent DMA...

CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

DEBIAN-CVE-2026-31645

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails, leaking the pool. Similarly, lan966xfdmainit frees the coherent DMA...

DEBIAN-CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...