kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

CVE-2026-27143

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...

Hono missing validation of cookie name on write path in setCookie()

Summary Cookie names are not validated on the write path when using setCookie, serialize, or serializeSigned to generate Set-Cookie headers. While certain cookie attributes such as domain and path are validated, the cookie name itself may contain invalid characters. This results in inconsistent...

EUVD-2026-19919

Cosign's verify-blob-attestation reports false positive when payload parsing fails...

CVE-2025-50659

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the customerror parameter in the /user.asp endpoint...

The Sleuth Kit 缓冲区错误漏洞

The Sleuth Kit TSK is a set of data forensics tools developed by Brian Carrier individually. This tool can analyze file systems such as FAT, NTFS, and UFS, and provide detailed information about those file systems. The Sleuth Kit versions 4.14.0 and earlier contained a buffer error vulnerability...

Kamailio 缓冲区错误漏洞

Kamailio is an open-source implementation of a SIP signaling server developed by Kamailio. Versions of Kamailio prior to 6.0.5 and 5.8.7 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds read operations, which could lead to denial-of-service attacks...

saleor 安全漏洞

Saleor is an open-source interface software developed by Saleor Commerce. Vulnerabilities exist in versions of Saleor before 3.23.0a3, as well as versions before 3.22.47, 3.21.54, and 3.20.118. These vulnerabilities stem from the exposure of users’ email addresses in error messages...

OpenClaw 输入验证错误漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an input validation error vulnerability that can be exploited by an attacker to cause an insecure request body to be resent in a cross-domain redirect, thereby disclosing sensitive request data or...

Kamailio 缓冲区错误漏洞

Kamailio is an open-source implementation of a SIP signaling server developed by Kamailio. Versions of Kamailio prior to 6.1.1, 6.0.6, and 5.8.8 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds access, which could lead to denial of service attacks...

PT-2026-31382

CVE-2025-50659 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom error parameter in the /user.asp endpoint. https://t.co/1QLVN2Tkxc...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006690)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006690 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4dirhash The ext4dirhash will almost never fail, especially...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006819)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006819 advisory. In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006594 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephreaddir when notelastdentry returns error Reset the lastreaddir at t...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006592 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu: Fix error unwind in iommugroupalloc If either iommugroupgratefile fails then the iommugrou...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006689 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when...

Juniper Junos OS Vulnerability (JSA107870)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107870 advisory. - A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticate...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006629 advisory. In the Linux kernel, the following vulnerability has been resolved: net: 9p: fix refcount leak in p9readwork error handling p9reqput need to be called when...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006591 advisory. In the Linux kernel, the following vulnerability has been resolved: intelth: Fix a resource leak in an error handling path If an error occurs after calling...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006658 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5wm8731driverprobe The devicenode pointer is returned by...